InfoSec 2016: Malwarebytes – Beware The Growing Ransomware Risk

Security firm Malwarebytes says that the amount of ransomware being unleashed has grown nearly 50 percent in under half a year as criminals look for more and more ways to gain an advantage.

And the company also warned that criminal firms are also becoming increasingly professional in how they develop and disseminate ransomware as the potential gains grow ever larger.

Game over

“Ransomware has become the most frequently used form of malware attack due to its being plentiful in the underground, easy to use and incredibly effective at extorting large amounts of money from victims,” Malwarebytes warned.

“The worst part is, it bypasses all the rules we learned previously on how to fight malware. The sad truth is that there is rarely any recourse after a ransomware infection, its game over and no amount of scanning or cleaning after the fact will return your files.”

Read More: How to avoid ransomware and stay safe

The company also warned that its statistics did not take into consideration ransomware spread by malicious phishing scams, or include numbers on malware executed by so-called “droppers” or downloaders – aka downloaded files that could execute ransomware when opened.

It says that the growth of ransomware can be put down to pre-existing cybercrime groups spreading their focus to include ransom tactics as they look to improve their returns, as several high-profile scams have shown how profitable using ransomware can be.

A growing number of criminals now look to advertise their ransom products on the Dark Web, offering up “ransomware as a service” to clients offering the highest bid, with services such as hosting services, distribution avenues, and crypting services all available.

This has also led to a large number of copy-cat firms looking to mirror the success of malware such as TeslaCrypt, which was reportedly shut down last month after a successful spree targeting popular Windows and gaming programs.

The firm’s main advice to dealing with these threats is to never pay out on a ransom demand, saying that doing so encourages not only the criminals that shared the malware, but also promotes the use of ransomware to other would-be criminals.

“Fighting malware is the responsibility of everyone, even if it’s just reading an article, sharing a post or taking a stand against criminals who are unlikely to ever be caught.”

Are you a security pro? Try our quiz!