2014-03-04
Abstract
Research suggests ransomware is more prevalent than previously thought.
Copyright © 2014 Virus Bulletin
Around 35% of people whose machines are infected by the CryptoLocker ransomware end up agreeing to pay a ransom of around £300 to recover their files, according to researchers from the University of Kent.
CryptoLocker has become known as the unfortunate crypto success story of 2013. While stories about broken cryptography implementations made the headlines throughout the second half of the year, no one has yet been able to find a serious weakness in this piece of ransomware. Victims who find their files encrypted by CryptoLocker and who do not have a back-up of their files are forced either to pay the ransom, or to consider the files lost forever.
Researchers at the University of Kent’s Research Centre for Cyber Security surveyed 1,500 adults in the UK, asking them eight cybercrime and security-related questions. They discovered that ransomware represents one in every 30 malware cases – which is higher than previous estimates.
The researchers questioned 48 people who had been affected by CryptoLocker – of whom, 17 said they paid the ransom and 31 said they did not.
Although CryptoLocker has proved a tough case to crack and has caused many a headache for those unfortunate enough to find themselves infected with it, the creators of other pieces of ransomware are, thankfully, not quite as adept. Last month, French researchers Fabien Perigaud and Cedric Pernet uncovered a serious vulnerability in the Bitcrypt ransomware that allowed them to crack the keys used by the malware to encrypt the victim’s files – as a result, they were able to restore the encrypted files. The researchers have made a Python script available so that others can also crack Bitcrypt’s keys and restore their files.
