On April 13-14, 2017, the world saw an unparalleled cyber attack, but very few victims fulfilled the hackers’ demands and paid a ransom. On Friday, April 12, the computers of many users got infected with the ransom-demanding malware. The hackers wanted the victims to pay 300 bucks in BTC within 3 days, or else their computers would get locked permanently, with all data lost. Obviously, the malefactors have opted for a cryptocurrency because of how difficult it is to track BTC transactions.
Three days later, on April 15, Elliptic Enterprises (a UK firm engaged in tracking illicit BTC transactions) reported the hackers’ efforts had brought them as little as $50,000. To obtain this figure, the firm tracked BTC transfers to the address provided by the ransom-demanding malware.
According to experts, the first reason for such a low amount of ransoms paid by victims is that organization shad enough time to backup any data from their computers. Secondly, Bitcoin is an absolute terra incognita for most people. For those unfamiliar with its principles of operation, making a BTC-denominated transaction is incomparably more difficult than, for example, buying stuff from Amazon. The hackers even deemed it necessary to provide links to step-by-step instructions in their ransomware.
Worth noting, making a payment in BTC isn’t a piece of cake for an average person who has never dealt with digital money. First of all, such a person (or business, as corporate computers were infected with the ransomware, too) has to complete the registration and verification procedures. Next step is to use the credit card to buy bitcoins. As some countries (for example, the UK) don’t yet have such an exchange, the victim might have to convert the funds into another currency first. Only after completing all these steps the victim is able to send the ransom to the address specified by the hackers. Most of the users of the affected computers seem to have been unable to cope with the task.
According to an officer of a UK digital security company, this recent attack features one major distinction. As a rule, perpetrators operating in the cyber space promise to unlock all the affected computers as soon as they receive one big ransom. Quite often it’s thousands of dollars. However, this time, the hackers acted contrary to the usual scheme and opted for the piecemeal approach, demanding many small ransoms from a large number of users.