    CryptoLocker Ransomware Likely Grabbed Millions of Dollars

    By Robert Lemos - December 30, 2013

      The technically savvy CryptoLocker ransomware compromised at least 200,000 computers and netted the criminals behind the scheme a minimum of $380,000—but more likely millions—in its first 100 days, according to an analysis conducted by managed-security firm Dell Secureworks.

      CryptoLocker encrypts more than 70 different types of files on systems—including Microsoft Word and Excel, Adobe Illustrator and PDF files—and requires that the victim pay $300 for the key to unlock their files. In a report published in late December, Secureworks researchers conservatively estimated that at least 200,000 people were infected in the first 100 days and that 0.4 percent of victims paid the CryptoLocker gang for the decryption keys.

      CryptoLocker has threatened thousands of firms with the specter of data loss, because a single infection also encrypts data on any connected network drives. In the past, most ransomware and rogue security-software attacks have essentially amounted to bluffs, locking the Windows desktop until the user pays, but not actually encrypting data. CryptoLocker, however, uses a combination of encryption techniques to scramble important files, making them unreadable unless the victim buys the decryption key, Keith Jarvis, senior security researcher with Dell Secureworks, told eWEEK.

      “What sets it apart is not just the size and the professional ability of the people behind it, but that—unlike most ransomware, which is a bluff—this one actually destroys your files, and if you don’t pay them, you lose the data,” Jarvis said.

      CryptoLocker started spreading in early September, initially disguised as spam email messages that appeared to be consumer complaints. When the attached zipped executable file is run, the program connects to a server on the Internet to retrieve an encryption key. Using that key, the program uses Microsoft’s CryptoAPI to encrypt more than 70 different file types on the victim’s system.

      “By using a sound implementation and following best practices, the malware authors have created a robust program that is difficult to circumvent,” the report stated.

      By monitoring domains used by the ransomware, Secureworks researchers found that computers at nearly 32,000 IP addresses showed signs of infection over a 10-day period in late October and early November. During the second week of December, computers at another nearly 6,500 addresses showed signs of infection. While systems in the United States account for more than two-thirds of infections during the earlier period, the nation’s portion of infections dropped to less than a quarter by December.

      Secureworks used research by graduate student Michele Spagnuolo to count the number of victims who paid the criminals using Bitcoins. Spagnuolo found a way of forensically analyzing Bitcoin payments to find out information on the account holders. Duplicating the research led Secureworks researchers to find that one account tied to CryptoLocker collected 1,216 Bitcoins in the first 100 days, with a minimum value of $380,000.

      Yet, the ransoms collected by the criminals likely totaled in the millions. Because the estimates were based on payments made in Bitcoins, a virtual online currency whose value fluctuates, the criminals could have made much more than the $380,000 minimum that the digital tokens were worth in that time period. In addition, more than 0.4 percent of victims have likely paid the ransom, but those payments are not visible to researchers because most victims in the United States would have used the primary payment method, MoneyPak, rather than Bitcoins, said Secureworks' Jarvis.

      “I think the total is much higher,” he said. “At least several multiples of it, at a minimum.”

      Robert Lemos
      Robert Lemos is an award-winning freelance journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's written for Ars Technica, CNET, eWEEK, MIT Technology Review, Threatpost and ZDNet. He won the prestigious Sigma Delta Chi award from the Society of Professional Journalists in 2003 for his coverage of the Blaster worm and its impact, and the SANS Institute's Top Cybersecurity Journalists in 2010 and 2014.
