A ransomware is a malicious softwares installed on a computer system, used by an attacker to convince a victim to either pay a ransom for the malware to be removed or their data will be released or both.
In other situations, the attacker threatens to shut the victim out of their computer systems entirely. To avoid any of the aforementioned negative outcomes, the victim agrees to pay a ransom to gain full access to their computer systems.
Based on a 2022 report on crypto crime by Chainalysis, the increase in activities of ransomwares, with over 10,000 incidents in 2022, is caused by new actors using affiliate marketing to spread their attacks.
Affiliates are designated sales persons or businesses who sell the product and services of a business they don’t own for a share of profit or bonus or both.
Ransomware-as-a-service
Chainalysis noted that in the midst of the proliferation of ransomware strains in the market, “the actual number of individuals who make up the ransomware ecosystem is likely quite small”. Because of the ransomware-as-a-service model, creators of this malware allow other cybercriminals to implement their softwares with a promise of gains.
The report highlighted that while there were more active ransomware services in 2022, the majority of them are the result of affiliates who can activate several strains of malware from different companies at once. It has grown to become the “gig economy of ransomwares”.
A case with Conti
Citing an example with Conti, a ransomware company based in Russia, Chainalysis explained that after the exposure of the connection between the company and the Russian government in February 2022, users lost trust in the company.
But more importantly, when it announced it was shutting down later in the year, there was a spike in the number of affiliates attached to other ransomware businesses.
This is believed to have come from Conti users as well as former Conti team. “Conti’s closure drove many affiliates to conduct attacks for other strains whose ransom victims were more likely to pay,” Chainalysis said.
Drop in lifespan of ransomwares
The report also added that over the years, the lifespan of ransomwares have decreased. In 2020, the average lifespan for ransomware was pegged at 265 days. It was reduced to 153 days and 70 days in 2021 and 2022 respectively.
This reduction is linked with the fact that attackers are working with various strains at the same time and want to also make their activities as unclear as possible.
Read also;
How oracle manipulation attacks work; Avraham Eisenberg claims its legal
Why romance scam thrives in bull & bear markets