Extortion is a cybercrime staple and no malware does a better job at this than ransomware.
Ransomware have been wreaking havoc since they first emerged in the mid-2000s. 2016 was, in fact, marked by a staggering increase the number of newly discovered ransomware families. All armed with capabilities to encrypt various file types on not just computers but even mobile devices and servers, individuals and businesses alike across the globe continued to suffer the threat’s dire effects.
Ransomware operators not just improved the malware’s capabilities but also produced increasingly threatening ransom notes while demanding bigger ransoms. Incidents have left victims no other choice but to give in to cybercriminals’ demands just to get files back or worse their systems back up and running.
To this day, new and improved ransomware variants continue to be seen. Will we see the end of ransomware scare soon?
Ransomware: History and Evolution
The first cases of ransomware1 infection were first seen in Russia between 2005 and 2006. One of our earliest reports on ransomware discussed a variant that compresses then password-protects certain files in a victim’s computer.2 It also left a file that served as ransom note to ask the victim for US$300 in exchange for his files. In the threat’s early stages, .DOC, .XLS, .JPG, .ZIP, .PDF, and other commonly used files were held hostage. Later on, variants that could infect mobile phones3 and even computers’ Master Boot Record (MBR),4 preventing the OS from loading, emerged.
By 2012, ransomware made its way from Russia across other European countries.5 This could be a result of the clampdown on fake antivirus (FAKEAV) and so cybercriminals had to look for another means to continue profiting from unwitting victims.6 Ransomware operators started coming up with new tactics to spread the threat. A popular ruse at that time was introduced by Reveton7—impersonating law enforcement agencies and threatening victims by implicating them with online crimes. Ransomware operators also experimented with the use of various payment methods, including Ukash, paysafecard, and MoneyPak, to limit their monetary trail….Click to read Trend Micro’s Ransomware: Past, Present and Future full report