On a bitter cold Friday in January, an ominous warning popped up on a computer screen at the Chamber of Commerce in Bennington, Vt.
The warning — next to a ticking countdown clock — threatened to destroy all data on the computer if the chamber refused to pay a $400 ransom within 40 hours.
Local computer whiz Max Squires quickly identified the culprit: CryptoLocker, computer malware that freezes access to every file, including photos, documents and programs with a secret pass key known only to the hacker.
Hackers operating on the Internet’s “Dark Web” are spreading a new, more sophisticated generation of the malicious software known as “ransomware,” anonymously shaking down anyone with an unprotected computer, from lawyers and cops to small businesses. Where small groups of anonymous hackers once hit individual consumers, the hackers have now organized into crime syndicates that boldly launch massive attacks against entire companies, computer experts and law enforcement authorities said.
Some victims get lost in the cumbersome details of the ransom payment process and run out of time, leaving their computers locked forever. Others pay right away and have their computers unlocked. Still others pay up, only to have the hackers run off with the money — and with the secret key.
Computer-threat researchers at Dell SecureWorks, who along with other security companies first identified the CryptoLocker attacks in September, estimate that the virus struck 250,000 computers in its first 100 days last fall. An Italian researcher who traced ransoms paid by victims in the anonymous digital currency bitcoin discovered that the hackers had set up more than 2,000 online “wallets” to accept ransoms. In three months, the researcher traced 771 ransom payments, eventually worth $1.1 million as bitcoin rose in value. Those ransoms, the researcher found, were transferred to a central online wallet on Nov. 23 that contained bitcoins worth $6 million.
SOURCE: Donna Leinwand Leger