Ransomware attacks and similar extortion schemes took in an estimated $144 million in the course of 7 years. FBI estimates show most of the ransoms were paid in Bitcoin (BTC) and went straight to mixers or exchanges.
Most Ransomware Required Payment in Bitcoin
Attacks that lock files and require a ransom to decrypt them have lined up among the biggest cyber threats in the past few years. Ransomware has locked down airports and hospitals, entering older, vulnerable machines. Most ransomware versions share a message requiring a bitcoin payment to unlock all files. Despite advice not to pay, it turns out multiple targets actually sent in BTC to the ransomware extortionists.
FBI supervisory special agent, Joel DeCapua, shared the US agency’s discoveries during the RSA Conference 2020. He explained that any BTC or other coins acquired went immediately to coin mixers, or were sold on exchanges. But there is also a curious reason why so much was paid in ransoms – the companies affected may make an insurance claim.
No one wants to pay the ransom actors. I think a lot of companies get insurance now. They say, ‘Well, if we are hit by ransomware, we are just going to defer to what our insurance company wants to do… They can say it wasn’t their choice to pay the ransom, because like I said, no one wants to pay the ransom. So I think that because ransom payments are insurable, I think it has caused more ransoms to be paid.
Ransomware attacks have been linked to both Russian and North Korean hackers. The attack message usually contains a bitcoin address and instructions on how to acquire and send coins. However, paying the ransom on some occasions has left the files locked, hence the advice to avoid paying.
Ransomware Demands Grew in 2019
Even now, a variation of bitcoin extortion is still making the rounds, marking a payment into one of the known wallets of a sextortion scheme.
🚔 A payment of 0.168 BTC (1,557 USD) has been made to a known Sextortion Scam!
— Whale Alert (@whale_alert) February 25, 2020
The $144 million paid in ransoms is rather small and spread out in comparison to exchange hacks, and general crypto scams. Those accounted for billions in the past few years. Ransoms in BTC, however, spread a negative message about crypto coins as a tool for illegal activities.
Ransomware demands grew significantly during 2019, based on data from a periodic Kaspersky cybersecurity report. Ransomware spreads on darknet sites, offering new variations of locking programs and even affiliate programs for spreading the files.
What do you think about the ransomware threat? Share your thoughts in the comments section below!
Images via Shutterstock, Twitter @Whale_Alert