Ransom malware costs $18 million in losses, says FBI

The FBI says the file-encrypting malware can cost individuals anywhere between $200 and $10,000 each time.
Written by Zack Whittaker, Contributor
(Image: Kaspersky)

Malware that locks a user's files until a ransom is paid is costing consumers as much as $18 million, the FBI said.

In an online bulletin at the Internet Crime Complaint Center, which works in conjunction with the FBI and other agencies, the financial impact to victims can go "beyond" the ransom fee itself, including legal fees and technical countermeasures.

"The problem begins when the victim clicks on an infected advertisement, email, or attachment, or visits an infected website," said the note. "Once the victim's device is infected with the ransomware variant, the victim's files become encrypted."

Although the FBI is trying to tackle the malware, it's becoming notoriously difficult to unmask.

The malware is spread through email and phishing campaigns -- often spread widely for the greater financial reward. But cracking the software isn't easy. The ransomware often connects to command-and-control servers located on the dark web, making it hard to find and deactivate.

Not making matters better, the ransom is often demanded in Bitcoin, which is generally quicker than a bank transfer but also more difficult to trace.

In more than a year, the IC3 received almost 1,000 CryptoWall-related complaints, the note said.

However, some are working to counter the efforts with "rescue kits," in order to unlock files without having to pay any ransom fee.

Editorial standards