Three Quarters of All Ransomware Signed by Russian Speakers

Bot

Bot

AI-powered Bot
Thread author
Apr 21, 2016
4,374
three-quarters-of-all-ransomware-signed-by-russian-speakers.png

Everyone knows Russian hackers are extremely busy people, but knowing that about 75% of all ransomware is made by Russian-speaking cyber criminals is still surprising.

According to senior malware analyst at Kaspersky Lab, Anton Ivanov, out of the 62 crypto ransomware families discovered by the company's researchers in the past year, 47 of them were developed by Russian or Russian-speaking people.

"This conclusion is based on our observation of underground forums, command and control infrastructure, and other artefacts which can be found on the web. It is hard to draw strong conclusions on why so many of the ransomware families out there have a Russian origin, but it is safe to say that this is because there are a lot of well-educated and skilled code writers in Russia and its neighboring countries," Kaspersky's analysis /news.softpedia.com/news/three-quarters-of-all-ransomware-signed-by-russian-speakers-513050.shtml" rel="nofollow">read more)

Continue reading...
 
Last edited by a moderator:
  • Like
Reactions: mal1, vemn, Winter Soldier and 5 others
Axelrod Sven

Axelrod Sven

Level 3
Verified
Well-known
Feb 11, 2016
132
Vipersd said:
That includes all countries from former USSR and their satellites not just present Russia, so around 300 to 400 million people.
Click to expand...
And if we (theoretically) assume that for there are 300 million people, and one in thousand is a rogue programmer, then that's 300,000 cyber criminals. And even divided by ten, that's still 30,000 programmers. And even divided by another ten, that's 3,000 programmers. Shocking.
 
  • Like
Reactions: Wave, vemn and Der.Reisende
Andytay70

Andytay70

Level 15
Verified
Top Poster
Well-known
Jul 6, 2015
737
Axelrod Sven said:
And if we (theoretically) assume that for there are 300 million people, and one in thousand is a rogue programmer, then that's 300,000 cyber criminals. And even divided by ten, that's still 30,000 programmers. And even divided by another ten, that's 3,000 programmers. Shocking.
Click to expand...
Thats a lot of bored people!
 
  • Like
Reactions: vemn
JohnBRogers

JohnBRogers

Level 1
Verified
Dec 6, 2016
21
Well this isn't a surprise at all.

First of all, ransomware was first devised in Russia almost 30 years ago.
Second of all, it's not just the number of people that could be possible hackers that affect this situation.
It's social situation that pushes them over the limit.

I don't know if any of you guys was ever in Russia or any of the ex-USSR countries, but the situation out there is far from good, and it has been like this for almost half a century now.

When your government and the whole system can't promise you a good job, steady income, a normal life in general, you have to find a way to make the most out of your situation. If you are not a type of person who goes full mob style, can't handle the gun, and think this is wrong you find another way to make money. I had a chance to meet some of the coders from that region few years ago and the whole malware scene over there is quite strong.

I do not approve ransomware, or any other malware, to be clear, but I can understand people with a lot of knowledge and experience who became tired of working in supermarkets or some "companies" that treat them like idiots and pay minimal wage. At some point, these people just flip and start making ransomware, or whatever in order to make some money and live a normal life.
It's sad, but true!
 
  • Like
Reactions: Nightwalker and vemn
Winter Soldier

Winter Soldier

Level 25
Verified
Top Poster
Well-known
Feb 13, 2017
1,486
Malcoders write malicious code by selling it in the deep web and the black market doing it as a real job.
Indeed, in recent years, most of the dangerous malware and ransomware are produced by organizations composed of hundreds of people who do this work fulltime. Organizations that continue to research new vulnerabilities by taking advantage of them, with the only aim of earn money, illegally.
 
  • Like
Reactions: vemn and shmu26
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Winter Soldier said:
Malcoders write malicious code by selling it in the deep web and the black market doing it as a real job.
Indeed, in recent years, most of the dangerous malware and ransomware are produced by organizations composed of hundreds of people who do this work fulltime. Organizations that continue to research new vulnerabilities by taking advantage of them, with the only aim of earn money, illegally.
Click to expand...
let Kaspersky hire them.
 
  • Like
Reactions: Andytay70, vemn, Dmitry_rus and 1 other person
W

Wave

Andytay70 said:
Thats a lot of bored people!
Click to expand...
Trust me malware development can be incredibly fun if you know what you're doing, I do it myself except mine is for good purposes (testing products, helping me with product development, learning... etc.), and theirs is for making money (which causes them to become motivated -> they want money without a proper genuine and legal job).

On the dark web there are tons of market places with vendors selling ransomware source codes, offering RAT services, etc... They make a ton of money from it. One sale can land them over the £500 mark and they get hundreds, if not then thousands of purchases. Do the math, that's a ton of money... They are rich because of it.

However a lot of the time they get caught out and arrested for breach of the Computer Misuse Act depending on how large-scale they are and how dangerous the sales are. The government/police won't care unless it causes a lot of damage or something very powerful is being sold... So for a RAT source code using the Win32 API I doubt anything will happen, but for a dangerous exploit then they have more risk of getting caught since authorities may spend more resources trying to identify the person behind the vendor sales.

Also when market places over there have bad hosting or are not secure then they can be hacked and then the user credentials can be leaked showing who bought what and maybe details on the seller. Usually if a PGP key isn't used for the transmission of messages then in this situation the authorities would spend more time tracking down people who weren't using PGP since it's easier to check what's going on without investing lots of time in decryption of it all...

Something like this happened recently on a market place, read it on the news, tons of people were exposed for having signed up to a market place and it even had tracks of who bought what and when.
 
  • Like
Reactions: Winter Soldier
You must log in or register to reply here.

Similar threads

silversurfer
    • +Reputation
    • Like
BlackCat Ransomware Deploys New Signed Kernel Driver
Replies
0
Views
1,173
News Archive
silversurfer
silversurfer
Gandalf_The_Grey
    • Wow
    • Sad
    • Like
Hospital Clínic de Barcelona severely impacted by ransomware attack
Replies
0
Views
646
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
LASER_oneXM
    • Like
Ransomware: These two gangs are behind half of all attacks
Replies
0
Views
709
News Archive
LASER_oneXM
LASER_oneXM

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top