BROOKLYN, New York -- The murky ecosystem of ransomware payments comes into focus in new research led by Damon McCoy, an assistant professor of computer science and engineering at the NYU Tandon School of Engineering.
Ransomware attacks, which encrypt and hold a computer user's files hostage in exchange for payment, extort millions of dollars from individuals each month, and comprise one of the fastest-growing forms of cyber attack.
In a paper slated for presentation at the IEEE Symposium on Security and Privacy in May, McCoy and a team including researchers from the University of California, San Diego; Princeton University; Google; and the blockchain analytics firm Chainalysis provide the first detailed account of the ransomware payment ecosystem, from initial attack to cash-out.
The paper's authors call for additional research to determine the reason that so many South Koreans are victimized and how they can be protected.
Each ransomware victim is often given a unique payment address that directs to a bitcoin wallet where the ransom is collected.
The research team tapped public reports of ransomware attacks to identify these addresses and correlate them with blockchain transactions.