Cyber-thieves thriving on ransomware kit

Pirate disc
Malware support groups are a scary thought

Sophos, a popular security developer and vendor, has suggested this week that cyber-thieves are looking into ways of mass-producing new forms of ransomware.

It has said that there are discussions on underground forums about ways to produce a "kit" that would mean criminals could fashion their own variants of the viruses.

Ransomware, viruses which scramble or lock away a computer's vital files, are becoming more potent and numerous in 2013. James Lyne, Sophos' global head of security research, said that ransomware is fast becoming the "market leader" in malicious code.

Just as fake antivirus software and other fake security programs gained popularity in 2012, says Lyne, the appearance of ransomware is a reactive measure. Changes to Microsoft's operating systems Windows 8 and Widows 8.1, which increase protection around certain applications, has caused criminals to change tactic.

Worryingly, he added, there was evidence that many cyber-thieves are keen to cash in on the success of others. Documents have been circulating online searching for developers to write a "kit" that anybody could use to design their own malware.

Virus design "helplines"

The kits remove the need for any technical skill on the part of the criminal and some even offer technical support help lines for those that get stuck. Thanks to these kits Sophos and other security companies see around 250,000 variants of malware every day.

Thieves are keen to emulate Cryptolocker, a successful program that locks away a computer's vital files. The virus then requests payment in the form of online currency bitcoins to unlock them again. Studies into the servers run by Cryptolocker operators found that the program has 12,000 victims per week.

Adrian Culley, former Scotland Yard cyber-cop, said that though Microsoft may have boosted its defences in the latest versions of Windows, the older systems have been left vulnerable.

Millions of machines connected to the internet still run old versions of Microsoft operating systems and could be vulnerable to a new breed of malware.