Dark Web Ransomware Economy Growing at an Annual Rate of 2,500%

Dark Web Ransomware Economy Growing at an Annual Rate of 2,500%
Rick McElroy, Security Strategist, Carbon Black
Param Singh, Director of Threat Research, Carbon Black

CryptoLocker. GoldenEye. Locky. WannaCry. It’s no secret that 2017 is shaping up to be the most notorious year on record for ransomware. Even a casual news consumer can identify several, if not all, of the menacing ransomware attacks that have cost worldwide businesses an estimated $1 billion this year.

With ransomware illuminated in the cybersecurity spotlight, Carbon Black’s Threat Analysis Unit (TAU) leveraged its own intelligence network to investigate the deepest, darkest portions on the web, where ransomware is currently being created, bought, and sold in burgeoning underground economies.

Our research found that, from 2016 to 2017, there has been a 2,502% increase in the sale of ransomware on the dark web. This increase is largely due to a simple economic principle – supply and demand. Cybercriminals are increasingly seeing opportunities to enter the market and looking to make a quick buck via one of the many ransomware offerings available via illicit economies. In addition, a basic appeal of ransomware is simple: it’s turnkey. Unlike many other forms of cyberattacks, ransomware can be quickly and brainlessly deployed with a high probability of profit.

As our research found, these dark web economies are empowering even the most novice criminals to launch ransomware attacks via do-it-yourself (DIY) kits and providing successful ransomware authors with annual incomes into six figures.

Key Findings

1 – There are currently 6,300+ estimated dark web marketplaces selling ransomware, with 45,000 product listings. The prices for do-it-yourself (DIY) kits range from $0.50 to $3K. The median price is $10.50.

2 – Comparing 2016 vs. 2017 YTD, the ransomware marketplace on the dark web has grown from $249,287.05 to $6,237,248.90, a growth rate of 2,502%. This economy extorts, according to the FBI, ransom payments that totaled about $1B in 2016, up from $24M in 2015.

3 – Some sellers of ransomware are making more than $100,000 per year simply retailing ransomware. (This compares to $69,000 for a legitimate software developer, according to figures from PayScale.com.)

4 – The most notable innovations contributing to the proliferation and success of the dark web ransomware economy have been the emergence of Bitcoin for ransom payment, and the anonymity network, Tor, to mask illicit activities. Bitcoin allows money to be transferred in a way that makes it nearly impossible for law enforcement to “follow the money.” Bank transfers and credit card transactions traditionally aid in the quick takedown of scams. Bitcoin means there’s no bank to identify the account holder.

5 – Ransomware sellers are increasingly specializing in one specific area of the supply chain, further contributing to ransomware’s boom and economy development.

For a more in-depth discussion with Carbon Black executives on ransomware trends, please contact Avril Sindhu at +65 3157 5632 or email carbonblack@yingcomms.com.
Please find below Carbon Black’s recent headlines, which may interest you:
·         Carbon Black Continues to Serve as the Weapon of Choice When the World’s Leading Firms with Incident Response (IR) Services Battle Attackers Carbon Black announced that more than 50 of the world’s leading firms for incident response (IR) services use Carbon Black as their weapon of choice when battling attackers. Protiviti is the latest firm to join Carbon Black’s global program. Carbon Black’s Cb Response empowers Protiviti’s proactive incident response (threat hunting) services to more efficiently review endpoint processes, persistence mechanisms, and other unusual activity through a single interface.

·         Carbon Black Unveils Vision for Market’s First Predictive Security Cloud™ at Cb Connect User Conference Carbon Black unveiled its vision for the market’s first Predictive Security Cloud™ at Cb Connect, Carbon Black’s annual user conference in San Francisco. The Predictive Security Cloud is a software platform built on an extensible, cloud-scalable architecture, which consolidates endpoint data in the cloud for analytics to provide industry-leading protection from both malware and non-malware attacks.

For the LATEST tech updates,
FOLLOW us on our Twitter
LIKE us on our FaceBook
SUBSCRIBE to us on our YouTube Channel!
    Blogger Comment
    Facebook Comment