Ransom malware costs $18 million in losses, says FBI

Malware that locks a user's files until a ransom is paid is costing consumers as much as $18 million, the FBI said.

In an online bulletin at the Internet Crime Complaint Center, which works in conjunction with the FBI and other agencies, the financial impact to victims can go "beyond" the ransom fee itself, including legal fees and technical countermeasures.

See also

7 things you probably don't know about the hidden 'deep' web

The deep and dark web may have a reputation for the illegal and illicit, but it can be a lifeline to many in oppressive and dangerous regimes.

Read now

"The problem begins when the victim clicks on an infected advertisement, email, or attachment, or visits an infected website," said the note. "Once the victim's device is infected with the ransomware variant, the victim's files become encrypted."

Although the FBI is trying to tackle the malware, it's becoming notoriously difficult to unmask.

The malware is spread through email and phishing campaigns -- often spread widely for the greater financial reward. But cracking the software isn't easy. The ransomware often connects to command-and-control servers located on the dark web, making it hard to find and deactivate.

Not making matters better, the ransom is often demanded in Bitcoin, which is generally quicker than a bank transfer but also more difficult to trace.

In more than a year, the IC3 received almost 1,000 CryptoWall-related complaints, the note said.

However, some are working to counter the efforts with "rescue kits," in order to unlock files without having to pay any ransom fee.