hackers primarily (literally) gain access to a user's computer system
using a ransomware malware, which encrypts all files with a strong
cryptographic algorithm, and demand a ransom money to be paid in
Bitcoin, in most cases between $200 and $10,000.
A (pdf)
Report published by Cyber Threat Alliance (CTA), an industry group formed last year to study emerging threats, researchers have discovered:
- 406,887 CryptoWall infection attempts
- Total of 4,046 malware samples
- 839 command-and-control server URLs to send commands and receive data
- 5 second-tier IP addresses
- 49 different CryptoWall distribution campaigns
- Out of 49, a single campaign, dubbed as "crypt100", infected as many as 15,000 computers worldwide
- cybercriminals behind the ransomware are likely to a singular group due to several similarities
- Same hacker group generated more than $18 Million in the past year alone from previous versions of CryptoWall.
In summary, this single cybercriminal ring has generated as
much as $325 million from the money paid by hundreds of thousands of
CryptoWall 3.0 victims around the world to get their encrypted files
unlocked.