Russia really is the centre of ransomware development – Kaspersky

Kaspersky are a Russian security software company, they have recently revealed upon their research that around 75% of the top crypto-ransomware packages in the past 12 months were developed by Russian or Russian-speaking, cyber criminals.

Recently, Anton Ivanov who is Kaspersky’s senior malware analyst revealed this information at the RSA Security conference in San Francisco.

“Out of the 62 crypto ransomware families discovered by the company’s researchers in the past year, 47 of them were developed by Russian-speaking cybercriminals,” according to Kaspersky’s Jeffrey Esposito, covering Ivanov’s presentation for Kaspersky.

He continued: “What makes that figure even more staggering is that these ransomware families according to Kaspersky Lab telemetry attacked more than 1.4 million people around the globe in 2016.”

He is saying that the reason why ransomware has erupted so much in recent years is because it has become fairly easy to buy ransomware build or builder from the underground market, along with its additional services due to crypto-currencies like bitcoin making it quick and easy to make money from.

In other words, this is a fine tuned, user friendly and constantly developing ecosystem,” writes Ivanov in a paper examining the industry.

“It is hard to draw strong conclusions on why so many of the ransomware families out there have a Russian origin, but it is safe to say that this is because there are a lot of well-educated and skilled code writers in Russia and its neighbouring countries,” added Ivanov.

He continued: “Another possible reason is that the Russian cybercriminal underground has the richest background when it comes to ransomware schemes. Prior to the current crypto ransomware wave, there was another ransomware-themed malware epidemic.

“Between approximately 2009 and 2011, thousands of users in Russia and its neighbouring countries experienced attacks which used so-called Windows- or browser-lockers.