This Ransomware Has Ripped $25 Million Off Its Victims In Just 5 Months
Dhir Acharya
NetWalker is a ransomware variant that’s ripping money off a lot of people even during this difficult economic period. What is it?
- India Is World's Second-Most Attacked Country By Ransomware, Report
- Woman Died After Ransomware Attack Sent Her To A Remote Hospital
- The Number Of New Ransomware Modifications Doubled In Q2 2019
NetWalker is a ransomware variant that’s ripping money off a lot of people even during this difficult economic period. The malware takes computers hostages, asks for a Bitcoin ransom, and has earned a total of over Rs 187 crore ($25 million in just 5 months.
The software was found by MacAfee, who said that the business is booming in the cryptojacking market.
“The total amount of extorted bitcoin that has been uncovered by tracing transactions to these NetWalker related addresses is 2795 BTC between 1 March 2020 and 27 July 2020. By using historic bitcoin to USD exchange rates, we estimate a total of 25 million USD was extorted with these NetWalker related transactions.”
The group behind this ransomware has agreed not to attack hospitals during the COVID-19 pandemic. Another interesting thing is that the ransomware has been upgraded multiple times. The original version relied on emailed messages to unlock a user’s device. But now, it uses a pasted “security code” that users must enter to access a website that’s protected with Tor. As soon as the payment is done, the system will store the crypto in SegWit addresses for what it says faster and cheaper transaction. McAfee wrote:
“The NetWalker advertisement on the underground forum mentions instant and fully automatic payments around the time of this observed change. This makes us believe the ransomware actors were professionalizing their operation.”
When the user pays the ransom, the Tor website sends them a decryptor app that decrypts all the ransomed files.