18 septiembre, 2024

Characteristics of current ransomwares

Do you know what are the main characteristics of the ransomware from the actuality? The ransomware They are programs that fulfill the function of encrypt the most important files on a computer and then collect a sum of money as a ransom, in exchange for the key to decrypt the data. This file hijacking system has become a multimillion-dollar industry, where cybercriminals divide functions and distribute commissions for their crimes. Next, we will talk about the main characteristics of the ransomware current and how sophisticated they can be.

Characteristics of current ransomwares

The main aspect that defines the characteristics of the ransomware current is that the creation and distribution functions of this type of malware They are arranged in a rather elaborate manner.. Next, we will see how these operations are organized, but first, it is necessary to briefly talk about what the business of the ransomware as a service.

Ransomware as a service

He ransomware as a service is a business model that particularly characterizes the use of this type of malware. The initiative emerged in the world of crime in 2016 and, since then, more and more cases have been observed. more elaborate operations.

He ransomware as a service consists of the subscription rental of these programs, in exchange for low sums of money and/or commissions for the ransoms paid by the victims of these software. In 2021, due to this model, more than $5.2 trillion in bitcoin transactions related to the payment of ransoms were recorded. ransomware.

Although one of the main characteristics of the ransomware current is its business model, below we will see in detail how the functions are distributed in this industry and what is the set of actors involved in it.

Developers

Do you know what the main characteristic of ransomware is currently?

The developers of these malware They are the ones who provide the subscription services to acquire them and, in this way, they avoid the work of having to distribute it. In exchange for this, the creators of malware They get commissions for each successful cyber attack that their clients execute.

The development and rental by subscription of ransomware It usually occurs in very closed illicit ecosystems and This secrecy is another main characteristic of ransomware today. The creators of these software They may implement strict restrictions by country, political orientation, or affiliate reputation.

Affiliates

The affiliates are the cybercriminals who acquire these services and the problem is that they could be inexperienced people with access to high-level cyber weapons and this makes it one of the main characteristics of ransomware. Affiliates may have access to services such as technical support, the right to steal victims’ information or money laundering, among others. All this may vary depending on the price of the subscription.

Botmasters

One of the new features of the ransomware today is the existence of botmasters, who are agents that manage networks of infected computers and put them at the service of affiliates. In this way, it can give access to information theft, execution of distributed denial of service attacks and even illegal cryptocurrency mining.

Analysts

Analysts are actors in the scheme of ransomware as a service, which They are in charge of determining what is the appropriate blackmail to apply to each victim. In this way, a personalized illegal service is offered in order to investigate the appropriate amounts to request for each ransom, in order to increase the chances of success. Although it may sound like an overly specific function, it shows how elaborate this criminal scheme is.

Negotiators

In addition to analysts, there are actors in the ecosystem of the ransomware as a service that they take care of design and execute negotiation strategies to pressure victims. This is another method that attackers use to optimize the profits they obtain from each extortion and belongs to one of the characteristics of ransomware.

Money laundering

Finally, the last agent that acts in this complex scheme is the one that launders the money obtained through the use of these programs. One of the “security solutions” offered by security services ransomware is he laundering of assets through cryptocurrencies. In this way, attackers seek to close operations anonymously and keep resources.

Anonymous co-authors

Another characteristic of the ransomware current is that the co-authors who collaborate in the development and execution of the attacks try not to know each other. This is why it is so difficult (although not impossible) to trace their operations.

How to learn more?

You have already learned what ransomware characteristics are currently used. If you want to know more and become an analyst malware professional, at we have the ideal course for you to get started. Enter our Full Stack Cybersecurity Bootcamp and specialize in just 7 months. What are you waiting for? ¡Sign up now!

Deja una respuesta

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *