While the cryptocurrency industry is gradually entering its stage of adolescence, Bitcoin remains the darling of ransomware attackers. Coinware, a startup that helps small companies to handle ransomware, has recently revealed the average daily Bitcoin ransom has grown 90 percent in Q1 2019.
The attackers’ appetites are growing
The sudden increase is almost solely attributed to the appearance of Ryuk ransomware that specifically targets big companies with low downtime tolerance. On average, victims fork out an eye-popping $286,557 in order to retrieve the files that were held hostage by Ryuk.
An in-depth analysis of Ryuk linked the virus to the HERMES operators or the notorious North Korean APT Lazarus Group. Despite the fact that this form of ransomware has relatively low technical capabilities, its creators have already raked in more than $3.7 mln.
This is what their typical ransom note looks like:
(Source: Check Point Research)
Crypto as the only option
The report points out that cryptocurrency is the most preferable payment method with 98 percent of the attackers. In turn, Bitcoin is the most popular cryptocurrency for ransomware payments. Bad actors are not likely to switch to another cryptocurrency since Bitcoin, despite only being pseudo-anonymous, is the most conventional coin.
Bitcoin can be easily mixed or exchange for other privacy coins. GandCrab, for example, also accepts Dash, and if you choose to go with Bitcoin, you will have to pay an extra fee of 10 percent to cover coin mixing expenses.