Russian-speaking code writers fuel ransomware ‘business,’ says report

Several large groups of Russian-speaking cyber criminals have been identified as specialists in crypto ransomware development and distribution, which is surging globally according to attack statistics gathered by antivirus/cybersecurity provider Kaspersky Lab.

Ransomware encrypts its victim’s files and demands a payment in exchange for decryption. The rise in ransomware — which experienced a resurgence in 2016 thanks to its ease to procure, circulate and monetize through cryptocurrencies — is examined in a blog on this malware ecosystem by Anton Ivanov.

In 2016, 62 new ransomware families were discovered, and more than 54,000 ransomware modifications were identified. This proliferation resulted in Kaspersky Lab registering ransomware attacks against 1,445,434 users worldwide — one every 10 to 40 seconds by the third quarter of 2016.

Of those new families, at least 47 were developed by large groups in Russia that unite tens of different partners with affiliate programs to launch ransomware campaigns.

While the reasons so many ransomware families have Russian-speaking code-writers are not yet fully known, the base for ransomware is growing because it is malware that can be utilized for measurable gain with almost any level of computer skills and financial resources.