Juha Saarinen: The malware that outs your life on the Internet
What if instead of denying access to important user data, the crims were to threaten to release it on the internet?
The ransomware business model is simple and effective: trick people into running code that locks them out of the files they need (or even threaten to delete them), and demand money or else.
It's a lucrative criminal enterprise when done at internet scale, so far, ransomware has proven relatively risk-free for blackmailers. Hospitals in particular have turned out to be low-hanging fruit for ransomware bandits. Health institutions cannot afford IT system downtime for their patients' sake, yet don't have the budgets to build solid defence against digital blackmail.
The target market of potential victims is getting wise to ransomware though, backing up frequently to have clean system copies, so that they can restore encrypted, locked up files. How could criminals improve on ransomware then?
What if instead of denying access to important user data, the crims were to threaten to release it on the internet?
That's called "d0xing", which comes from documenting, and it's a tactic used to smear people by releasing their data on the internet. Depending on context, everyone has something to hide, and d0xing can be devastating for victims.
It can be anything, from a vulnerable person's home address and phone number, to your browsing history, bank details and online purchases. Malicious people can turn almost any information tidbit against you.
Now, combine ransomware with d0xing, and you get d0xware.
This is malware that once running on your computer not only locks up your files, but as an added incentive to pay the ransom, collects personal data, uploads it to a server and threatens. A US security vendor picked up on a few additional lines on the ransom demand for the Jigsaw malware whose creator has been extremely aggressive in past versions, deleting victims' files if no money was paid before the deadline ran out.
