Salted Hash Ep 6: Ransomware marketplaces and the future of malware

On this week's episode of Salted Hash, we're joined by Carbon Black's Rick McElroy to discuss ransomware markets and the future of malware

Would you give up a customer's data or credentials if that was the demand in a ransomware attack? No financial payment, just a password, or a document. That's a nightmare scenario, and it's just one of the few that Steve Ragan and Rick McElroy, Security Strategist at Carbon Black talk about on this week's episode of Salted Hash.

Throughout the episode, Rick and Steve discuss a recently published report on ransomware economies. CSO's coverage of that report is available now. In addition, they also discuss how ransomware is being spread now that email is no longer a primary delivery method, attacks on platforms other than Windows, and the future of malware.

To briefly recap, the marketplace for ransomware is cutthroat. While some vendors are making $100,000 a year or more on ransomware development or sales, the bottom feeders are barely holding on.

However, because ransomware is a turnkey business for some criminals, and victims still pay the ever-increasing demands for ransom, it's become a billion-dollar industry that shows no signs of going away any time soon.

Ransomware kits sell for about $10 for basic offerings, but can get costly depending on the amount of customization or targeting required. For example, one kit, which was fully customized, went for about $3,500, while another one targeting Android sold for $250.

Again, because victims pay the ransom (for whatever reason) ransomware developers have an incentive to keep producing product. For that reason alone, the market supporting ransomware is expected to keep growing.

Security Smart: 4 Common Password Myths ... Debunked!