Facebook Twitter google+ RSS Feed

Ransomware payments affected South Koreans the most

Monday, 26 March 2018, 04:20 Hrs
36
cmt right
28
Comment Right
55
cmt right
9
cmt right
Printer Print Email Email


South Koreans are disproportionately impacted by ransomware campaigns, with analysis revealing that $2.5 million of the $16 million in ransomware payments over the past two years was paid in South Korea.



Ransomware attacks, which encrypt and hold a computer user's files hostage in exchange for payment, comprise one of the fastest growing forms of cyber attack.



In a paper, scheduled to be presented at the IEEE Symposium on Security and Privacy at San Francisco in May, the researchers provide a detailed account of the ransomware payment ecosystem, from initial attack to cash-out.



The team comprised researchers from New York University Tandon School of Engineering; University of California, San Diego; Princeton University; Google; and the blockchain analytics firm Chainalysis.



They also found that most ransomware operators used a Russian bitcoin exchange, BTC-E, to convert bitcoin to fiat currencies.



The team estimates that at least 20,000 individuals made ransomware payments over the past two years, at a confirmed cost of $16 million, although the actual payment total is likely far higher.



The researchers took advantage of the public nature of the bitcoin blockchain technology to trace ransom payments over a two-year period.



Bitcoins are the most common currency of ransomware payments, and because most victims do not own them, the initial bitcoin purchase provides a starting point for tracking payments.



Each ransomware victim is often given a unique payment address that directs to a bitcoin wallet where the ransom is collected.



The research team tapped public reports of ransomware attacks to identify these addresses and correlate them with blockchain transactions.



The team also executed real ransomware binaries in a controlled experimental environment, essentially becoming victims themselves and making micro-payments to real ransom wallets in order to follow the bitcoin trail.



"Ransomware operators ultimately direct bitcoin to a central account that they cash out periodically, and by injecting a little bit of our own money into the larger flow we could identify those central accounts, see the other payments flowing in, and begin to understand the number of victims and the amount of money being collected," said lead researcher Damon McCoy, Assistant Professor at New York University Tandon School of Engineering.



Read more news:



Apple to stop Siri from reading hidden lock screen notifications



Need fiber network to raise bandwith, internet speed: TRAI Chairman


Source: IANS
Experts on SiliconIndia
Santhosh  K
Sr. Soft. Engg.
Oracle India
Nehal Vyas
Sr. Team Lead
Cyberoam Tech.
Rani Malli
Sr. Director
Philips
Sr. Executive
ISB
Vijay Balkrishna Konduskar
Business Consultant
Imans Web Tech
Dr L P  Sharma
Technical Director
NIC
Reena Khanna
Founder
Solitaireworld
Dellas  Asse
sys-network admin
Computer Station
Write your comment now
Submit Reset