Evolution of Ransomware

Expert centerCategory: RansomwareEvolution of Ransomware
Benson Staff asked 4 months ago
1 Answers
Arun K R Staff answered 4 months ago
  • 1989- AIDS Trojan(PC Cyborg)- The first ever ransomware virus was created in 1989 by Harvard-trained evolutionary biologist Joseph L. Popp.
  • 2006 – Archiveus Trojan- The first ever ransomware virus to use RSA encryption was introduced.
  • 2006 June- GPcode- An encryption Trojan which spread via an email attachment purporting to be a job application, used a 660-bit RSA public key.
  • 2007- WinLock- In 2007, another type of ransomware circulated that did not involve encryption, but simply locked out users.
  • 2008- GPcode.AK – used 1024-bit RSA key
  • Mid 2011-  The first large scale ransomware outbreak, and ransomware moves into the big time due to the use of anonymous payment services, which made it much easier for ransomware authors to collect money from their victims.
  • January 2012- The cybercrime ecosystem comes of age with Citadel, a toolkit for distributing malware and managing botnets that first surfaced in January 2012.
  • March 2012 – Citadel and Lyposit lead to the Reveton worm, an attempt to extort money in the form of a fraudulent criminal fine. Reveton first showed up in European countries in early 2012. 
  • April 2012 – Urausy Police Ransomware Trojans are some of the most recent entries in these attacks and are responsible for Police Ransomware scams that have spread throughout North and South America since April of 2012.
  • November 2012 – Another version of Reveton was released in the wild pretending to be from the FBI’s Internet Crime Complaint Center (IC3). 
  • July 2013 – A version of ransomware is released targeting OSX users that runs in Safari and demands a $300 fine. The year 2013 also witnessed the rise of Svpeng, a mobile Trojan which had targeted Android devices.
  • August 2013 – A version masquerading as fake security software known as Live Security Professional begins infecting systems.
  • September 2013 – CryptoLocker, the first cryptographic malware is released.
  • November 2013 – The ransom changes. The going ransom was 2 Bitcoins or about $460, if they missed the original ransom deadline they could pay 10 Bitcoins ($2300) to use a service that connected to the command and control servers. In late December, Crypto Locker has been released.
  • February 2014 – CryptoDefense is released.
  • April 2014 – The cyber criminals behind CryptoDefense released an improved version called CryptoWall.
  • July 2014 – The original Gameover ZeuS/CryptoLocker network resurfaced no longer requiring payment using a MoneyPak key in the GUI, but instead users must to install Tor or another layered encryption browser to pay them securely and directly.
  • August 2014 – SynoLocker encrypts the files one by one.
  • Late 2014 – TorrentLocker- It spreads through spam and uses the Rijndael algorithm for file encryption rather than RSA-2048. 
  • Early 2015- CrytoWall takes off, and replaces Cryptolocker as the leading ransomware infection.
  • June 2015- “resume ransomware”.
  • October 2015- A new ransomware strain spreads using remote desktop and terminal services attacks. The ransomware is called LowLevel04 and encrypts data using RSA-2048 encryption; the ransom is double from what is the normal $500 and demands four Bitcoin. 
  • November 2015 – CryptoWall v4.0 released
  • January 2016 – First Javascript-only Ransomware-as-a-Service Discovered.
  • January 2016 – A stupid and damaging new ransomware has come to the scene called 7ev3n encrypts your data and demands 13 bitcoins to decrypt your files
  • February 2016 – Ransomware criminals infect thousands with a weird WordPress hack.
  • April 2016 – It is been released a new strain of ransomware called Jigsaw starts deleting files if you do not pay the ransom. Cyber-criminals collected $209 million in the first three months of 2016 by extorting businesses and institutions to unlock computer servers. 
  • Late April 2016 – Scary New CryptXXX Ransomware has been released which is capable of stealing your bitcoins.

Source: https://www.opsfolio.com/evolution-of-ransomware/