Inside money, markets, and big tech

Report: Cryptocurrency ransomware payments up 90%, thanks to Ryuk

Watch out for ransoms

Ransomware attacks are still doing the rounds and one in particular appears to be gaining pace.

Cryptocurrency payments made to ransomware attackers increased nearly 90 percent in Q1 2019 over the previous quarter, according to ransomware support firm Coveware’s latest report.

In the first quarter of the year, the average daily ransom being paid to attackers rose to $12,762 from $6,733 in Q4 2018. According to the report, an increase in expensive infections is responsible for the jump.

Credit: Coveware

As ever, Bitcoin remains the most popular payment method for ransomware; 98 percent of attacks ask for the cryptocurrency as payment.

Coveware compiled anonymized data gathered by their incident response team to collect the data. It should be noted, the findings are indicative only of those that contacted the data recovery firm for help.

One ransomware in particular, Ryuk, appears to be single-handedly responsible for this dramatic increase. On average, Ryuk demands around $288,000 per attack; other attackers generally demand less than $10,000 per attack.

Credit: Coveware

“Ryuk is just one of dozens of types of Ransomware observed impacting companies during the quarter,” CEO and co-founder of Coveware told Hard Fork.

“Ryuk ransoms are much higher than others, [it] was not even close to being in the top 3 in our last report (Q4), so its increase in market share and corresponding high average ransoms pulled the average up,” he continued.

Ryuk‘s market share sits at 18 percent, putting it in third place behind GrandCrab and Dharma, with 20 percent and 27.8 percent respective market share.

Credit: Coveware

Ransomware like Ryuk encrypts the targets’ hard drives, locking data until victims contact the hackers and pay a Bitcoin ransom to have their data restored.

The financial costs associated with ransomware attacks extend far beyond the cost of data recovery. The report states that businesses lose an average of 7.3 work days to attacks, and an estimated $64,645 in additional downtime related costs.

Last year, squad of cybersecurity firms tracked a series of Ryuk attacks, which collected over 705 BTC in just five months, estimated to be worth the equivalent of $3.7 million at the time.

It’s not all bad news, though. Victims that paid for a ransomware decryptor, rather than succumbing to attackers demands, were able to recover 93 percent of their data on average.

Did you know? Hard Fork has its own stage at TNW2019, our tech conference in Amsterdam. Check it out.

Published April 18, 2019 — 13:00 UTC