The video below is one of my favourite DEFCON talks of all time - please watch it before reading the remainder of this post:
Its been a while since I posted a thought piece, however one thing that has continually come up in discussions about ransomware is somebody going "haha [insert ransomware name here], only made $[insert arbitrary value here]". While sometimes it doesn't look like some of these huge ransomware campaigns have paid off I believe what is making ransomware so prevalent is the fact that to people ransomware provides clear incentive to its victims unlike other malware outbreaks of yesteryear.
In the DEFCON video Garry states that the software basically made no money from abusing affiliate links. This prompted his bosses to come up with a novel way to earn money so they started charging other companies to install their software. Essentially widespread ransomware is the next stage almost 2 decades on.
If you bombard users with advertising and products theres a chance some of them will buy what you are selling. However if you take away something they already have thats important to them your chances of making money significantly increase.
Also with selling / advertising products you make a tiny fraction of what the user actually pays for it with ransomware you essentially get the whole lump sum. so if you sell a $99 product through affiliate marketing you may get anywhere from a few cents to a couple dollars with ransomware you would get the whole $99.
So its simple really - why is ransomware so prevalent right now? Because its a better way to get paid for developing malware.
As always I hope you enjoyed reading this or found it useful!
Until next time,
The Security Sleuth.