Johannes B. Ullrich, chief research officer at the SANS Institute stated that “A compromised personal computer for a botnet or Distributed Denial of Service attack is worth about a buck to a byte bandit.” He added that cyber-criminals can easily make 100 dollars and more with the ransomware.
Garth Bruen, a fellow with the Digital Citizens Alliance, a consumer safety group focused on online crime, stated that the people selling the software were the same people who infected the machine, which later came to be known as ‘ scareware ‘.
What makes the malware different from other malicious software is that it uses strong encryption. Files and documents on machines infected with the Trojan are scrambled using AES 256-bit encryption. CryptoLocker holds the victim’s PC hostage till they pay a ransom amount.
Jarvis, of SecureWorks states that the CryptoLocker crew is known for maintaining good customer relations. “They’re honoring people who do pay the ransom. In most cases they’re sending the decryption keys back to the computer once they receive payment successfully,” he explained. “We don’t know what the percentage of people who successfully do that is, but we know it’s part of their business model not to lie to people and not do it.”
McAfee’s latest report states that ransomware is becoming an increasing problem with more number of incidents reported in the first half of 2013 than in all previous periods combined. The 2013 Norton report highlighted that India has emerged as the ransomware capital of Asia Pacific.