Ransomware payments add up

We don’t know who is making the payments, or who is receiving them. But by looking at the public protocols of Bitcoin accounts associated with ransomware we can see the trail of money paid.

How much would you pay to regain access to your computer files? This is a question victims of ransomware are faced with when they least expect it. A threatening message appears promising to delete all files unless a payment is made before a certain time.

“My first reaction was panic. My second reaction was to get on another computer and figure out exactly how much 1.71 Bitcoin was worth in US dollars,” said John, a lawyer in Chicago, describing a ransomware attack that temporarily crippled his legal practice in 2016.

A malicious link clicked or a file attachment arriving by email can unleash ransomware on networked computers or mobile phones. It can take down healthcare providers and threaten the aviation industry. Estimates of how many people and companies are affected by ransomware vary, but it’s a big crime business. Software to unleash an attack can be easily bought and customized. Network security company SonicWall counted more than 200 million attacks globally in 2018. Cisco estimates that every 40 seconds a business falls victim.

In recent years, international law enforcement and security firms have collaborated on The No More Ransom Initiative to freely share decryption tools. This has helped people worldwide. Creating frequent backups of files and keeping operating system software updated is the best fix to keeping your own devices healthy and free of malware that can infect others too.

Secrecy clouds what we know about the economic impact of ransomware. A 2018 study about ransomware payments via Bitcoin offers a glimpse of how many people fall prey, and suggests a new counting method to better estimate the millions of dollars of payments.

One day of WannaCry ransom payments

On May 15, 2017 the equivalent of $24,246.51 USD in ransom payments were transferred to WannaCry ransomware attackers. In few days, an estimated 300,000 businesses in 150 countries were hit. There are still new WannaCry victims today.

On the Economic Significance of Ransomware Campaigns: A Bitcoin Transactions Perspective by Mauro Conti, Ankit Gangwal and Sushmita Ruj. In: arXiv:1804.01341 [cs], 2018. Data provided by Ankit Gangwal. Bitcoin values in USD were calculated according to May 15, 2017 rates

Have you ever dealt with a ransomware attack?

  1. ayfrah

    100

  2. Anonymous

    This is an awesome report!

  3. Mike

    The actual case is that, in many circumstances, it doesn't promise you a full decryption even if you have paid the ransom. They may, or may not, know who you are and how to decrypt the file for you. Therefore, don't get tricked too easily.
    Instead, remember to back up your files regularly in case of problems.

See Mozilla Community Participation guidelines: [English | Español | Deutsch | Français]. This is a moderated comment space. We will remove comments that are offensive or completely off topic.