Malware can be a highly profitable business.
Ransomware, malicious software that encrypts victims’ data and demands a pay-off in order to unlock it, has made more than $25 million (£19.1 million) in bounties over the last two years.
That’s the finding of a study from researchers at Google, Chainalysis, UC San Diego, and the NYU Tandom School of Engineering that was seen by The Verge’s Russell Brandom.
The researchers investigated 34 different types of malware, tracking payments on the blockchain (the public, decentralised ledger of bitcoin transactions) to try and analyse the scale of ransomware and the amount of money its peddlers are making from victims.
They reportedly found people had coughed up at least $25 million in an attempt to get their data back, with some types of ransomware proving more lucrative than others. “Locky,” which emerged in 2016, brought in $7 million (£5.3 million) alone.
“Locky’s big advantage was the decoupling of the people who maintain the ransomware from the people who are infecting machines,” NYU professor Damon McCoy told The Verge. “Locky just focused on building the malware and support infrastructure. Then they had other botnets spread and distribute the malware, which were much better at that end of the business.”
Ransomware made global headlines earlier in 2017 due to the “WannaCry” attack, which exploited vulnerabilities developed by the NSA to spread across the world, crippling hospitals, telecoms firms, logistics companies and more across at least 150 countries.
So long as people continue to pay up, ransomware will continue to be profitable for its pushers — so don’t expect it to stop any time soon.
Get the latest Google stock price here.