Ransomware crooks make millions from porn-shaming scams

'It really puts the screws to you,' says Symantec director of spike in PC extortion racket

By , Computerworld |  Security, ransomware, Symantec

The ransom note demanded $200 from each victim, putting $33,600 in the criminals' pockets. Extrapolating the 68,000 infections over the course of a month put the total at nearly $400,000.

Those amounts are maximums, said Symantec, since the criminals will lose some as they launder the money from the pre-paid cash cards that they tell victims to use to make ransom payments.

"Given the number of different gangs operating ransomware scams, a conservative estimate is that over $5 million a year is being extorted from victims," said Symantec's published report. "The real number is, however, likely much higher."

The criminal groups active in ransomware come from various backgrounds, said Haley. Some had been dealing scams that relied on fake antivirus software -- often called "scareware" -- that Haley said had largely "petered out." Others had been spreading Trojan horses that hijacked bank account credentials. And some were simply opportunists.

"It's an evolution, just like in any business," said Haley. "Someone tries something new, then others build on that. Others see an innovation and they just jump on it, too."

With more criminals migrating to ransomware -- and because the scam is profitable -- Haley expects that the problem will grow, and quickly. "It's predominantly porn now, but they'll shift away from that model and find others," Haley predicted. "Ransomware isn't new, but what's happened is that they've found a way to make money."

Because the ransomware infects PCs using advertisements on compromised adult websites, Symantec recommended that users refrain from clicking on such ads, and to keep Windows, Java, Flash, Adobe Reader and Windows updated with the most recent patches.

The Symantec report on ransomware can be found on its website ( download PDF).

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed. His email address is gkeizer@computerworld.com.

See more by Gregg Keizer on Computerworld.com.


Originally published on Computerworld |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question