Research from Carbon Black have found a 2502% sales increase in ransomware from 2016 to 2017

Ransomware dark web economy growing at annual rate of 2,500pc

THIS is turning out to be a notorious year for the dark world of Ransomware. CryptoLocker, GoldenEye, and WannaCry are just a few examples of cyber attacks which have cost global businesses an estimated US$1 billion in 2017.

With attention surrounding Ransomware increasing at a fast rate, Carbon Black’s Threat Analysis Unit (TAU) have relied upon their own intelligence network to investigate the darkest corners of cyberspace, where ransomware is being created, bought and sold in underground economies.

The research carried out by Carbon Black, a leading provider of next-generation endpoint security, found that from 2016 to 2017, there was a 2,502 percent increase in the sale of Ransomware on the dark web. This large increase can be attributed simply to supply and demand.

Cybercriminals are seeing many opportunities to make money quick via such means. To many, the appeal of Ransomware is that unlike other forms of cyberattacks, it can be quickly and simply deployed with a high likelihood of profit.

SEE ALSO: Is security automation the answer to the global shortage of cybersecurity talent?

In fact, the TAU research found that the simplicity of such attacks is enticing even the most amateur cybercriminals to launch attacks via DIY kits, providing successful authors with annual incomes into six figures.

Key findings

The study found there are currently an estimated 6,300 marketplaces on the dark web selling Ransomware, with around 45,000 ransomware sale listings. DIY kits were found to range in price from $0.50 to $3,000.

Price listings of DIY kits found on the dark web. Source: Carbon Black

From 2016 to 2017, the ransomware marketplace has grown from nearly US$250,000 to US$6.2 million, showing a growth rate of 2,502 percent.

With some sellers making more than US$100,000 annually, this is double the salary many legitimate software developers are making. According to, these developers earn an average of US$69,000 per year.

Ransomware developer salary vs legal software. Source: Carbon Black

Although Ransomware has been around for some time, the proliferation of Bitcoin and the anonymity network Tor has allowed perpetrators to mask their activities.  This has made attribution and takedowns incredibly difficult for law enforcement organizations.

Bitcoin allows money to be transferred in a way that makes it almost impossible for it to be followed. Traditionally, bank transfers and card transactions help in the process of taking down cybercriminals. But with the rise of these innovations, it is taking law enforcement officers increasingly longer to pinpoint perpetrators.

SEE ALSO: How a Malaysian ICT association plans to curb losses from cyberattacks