At least 47 out of 62 ransomware discovered by Kaspersky Lab research in 2016 was developed by Russian –speaking cybercriminals. This is one of the found results of the Russian-speaking underground, conducted by Kaspersky Lab researchers.
Crypto ransomware (data encryption software for ransom) – is a type of malware which encrypts files and requires for ransom of victims in exchange for the decryption, which is one of the most dangerous type of malwares. According to the Kaspersky Lab, in 2016 more than 1,445,000 users ( including corporation) were attacked by this type of malware all over the world. To better understand the nature of this attack, Kaspersky Lab researchers have conducted an evaluation of the Russian-speaking underground community. One of the result showed that an increasing attacks from ransomware in recent years is due to there has been a very flexible and user-friendly underground ecosystem, allowing cybercriminals carry out their own attack with any level of computer skills and financial resources.
According to Kaspersky Lab estimation, the total daily revenue of this program might reach ten or even hundred of thousand dollars, of which number about 60% is net profit.
Besides, Kaspersky Lab researchers can identify a lot of large group of Russian-speaking criminals specializing in crypto ransomware development and distribution during their research into underground ecosystem and multiple incident response operations. These groups may have 10 members, each has one attack program and the list of victims in which not only does include ordinary Internet users, but also small and medium-sized companies and even enterprises. At the beginning, its target entities are Russian and CIS users, these groups are now aiming at many companies around the world.