Ransomware Pandemic Advances With Aggressive Money Extortion Methods

Posted: January 23, 2013

Ransomware threats, which we have recently come to know as deceptive messages demanding a fine for supposedly performing illegal actions, have become a pandemic that continues to use advanced methods to extort money from unsuspecting computer users.

Ransomware has been around for many years. Most ransomware threats stem from Trojan infections, where the message poses as a law enforcement entity that has supposedly detected illegal actions. The ransomware message then goes on to say that a fine has been assessed and must be paid via legitimate payment processing entities through the Internet to unlock the infected computer. Just like extortion-ware, ransomware often uses aggressive money extortion techniques, which ultimately swindle thousands of computer users out of money just about every day.

Many computer users who have encountered ransomware have speculated as to where exactly it came from and how their computer was targeted. Ransomware got its start from a Trojan called PC Cyborg. This particular strain of ransomware would hide files and folders on the C: drive and then open a dialog box proclaiming that the PC user must send PC Cyborg Corp 189 US dollars because a license had supposedly expired. Delving into the actual infection at the time, experts found that the ransomware used symmetric cryptography to encrypt the file names, which gave analysts the upper hand in detecting such a threat.

Adam Young and Moti Yung, two researchers who in 1996 worked on Extortion-Based Security Threats and Countermeasures (Cryptovirology), were able to use public-key cryptography in ransomware. This made reverse-engineering of ransomware virtually impossible. This particular type of ransomware attack was termed crypto-viral extortion, with the following definition:

"Crypto-viral extortion, which uses public key cryptography, is a denial of resources attack. It is a three-round protocol that is carried out by an attacker against a victim. The attack is carried out via a crypto-virus that uses a hybrid cryptosystem to encrypt host data while deleting or overwriting the original data in the process."

Ransomware Hackers Pay Days Emerge

Young and Yung's findings gave way to today's ransomware schemes, which have evolved into an effective method of extorting money from computer users plagued with advanced ransomware threats.

Every malware threat that uses aggressive money extortion methods leaves a virtual money trail. In the past, ransomware was never the malware of choice for cybercrooks or hackers because they were always concerned about the money trail that sending ransom funds creates. Outright threatening to destroy a computer's files or block its Internet access as a means of collecting a fine was a failing approach. To make such a threat would have dire consequences.

Today, ransomware (FBI Moneypak, Ukash Virus, FBI Green Dot Moneypak Ransomware) is as clever as ever, making Internet payments hard to trace through new payment methods. These methods involve sending payments through legitimate money processing avenues. Once the extortionist has the money, they no longer send back decryption information. The victim is then left without any proof, while the process may just start all over again. Additionally, the ransomware message has evolved to demand a ransom over the purported detection of illegal 'internet activity'. Cybercriminals are now empowered to run with the resurgence of their new-found ransomware threats and schemes.