A criminal selling ransomware on the dark web can reportedly make over $100,000 a year.
The total value of ransomware sales on dark web market places has rocketed from $250,000 to over $6m in just a year as demand for the file-encrypting malware grows.
Ransomware has hardly been away from the public eye this year, with global the outbreak of WannaCry making it a bringer of global chaos, while prominent ransomware families like Cerber and Locky continue to be a thorn in the side of organisation around the world.
Ransomware has become a lucrative tool for cyber criminals as it’s easy to buy if you know where to look, attacks are easy to carry out and perhaps most crucially, a large percentage of victims are willing to give into the ransom demands of criminals in order to regain access to their systems.
Researchers at Carbon Black monitored dark web forums for offerings of ransomware and have estimated that the marketplace has grown to be worth $6,237,248.90, representing a 2,502 percent increase in the sale of ransomware since 2016.
The prices of ransomware for sale ranged from $3,000 for custom built ransomware to just $1 for a basic screen locker targeting Android devices, with the most common way to make payments being in Bitcoin, as it’s anonymous nature makes it difficult to track transactions.
Analysis of the underground marketplaces also found a clone of Philadelphia ransomware on sale for just $1 way below it the ‘real’ version’s $400 selling point and once again demonstrating that there’s no honour among thieves in the world of cyber crime.
See also: Ransomware: An executive guide to one of the biggest menaces on the web
Analysis by Carbon Black researchers has calculated that some ransomware vendors are making more than $100,000 a year, simply by selling ransomware – and unlike legitiamate software developers it’s highly unlikely ransomware vendors will be paying tax on their earnings.
“They are pulling in these salaries by selling one of several components of the ransomware supply chain or by selling complete, do-it-yourself, ransomware kits,” Rick McElroy, Security Strategist at Carbon Black told ZDNet.
“The overall ransomware economy is expanding into goods and service, much like the regular markets we participate in during our daily lives”.
While small-time scammers do want a piece of the ransomware pie, much of the marketplace is controlled by specialised, organised gangs.
Because of this specialisation, The Ransomware Economyreport warns, ransomware attacks are more likely to succeed – especially if threat actors take the time to customise attacks for specific targets, or even distribute kits which enable even those with no skill to do so. That means the power to attack is in the hands of anyone looking to make illicit profits.
“We don’t expect the ransomware market to slow down until businesses and consumers take the threat seriously. As long as there’s money to be made, cybercriminals will keep attacking,” says McElroy.
While some cyber criminals are going all-in on ransomware, a recent report says senior figures in the ransomware fraternity believe that the number of amateurs getting involved and carrying out poorly implemented campaigns is going to lead to the downfall of the malware as a money-making tool.
READ MORE ON CYBER CRIME Locky ransomware: Why this menace keeps coming back Ransomware shuts down 1 in 5 small businesses after it hits [CNET] Ransomware surges again, as cybercrime-as-a-service becomes mainstream for crooks No more ransomware: How one website is stopping the crypto-locking crooks in their tracks