TorrentLocker criminals' £25 million ransomware haul revealed

A group of cyber criminals has earned somewhere in the region of $40 million (£25 million) since March this year through the use of ransomware.

The collective behind TorrentLocker, which locks down the victim’s computer and encrypts important files until they pay a ransom fee, has received 82,000 bitcoins in that time.

Read more: Warning: CryptoLocker is back to steal your money

Security research firm Eset made the discovery and, based on the fluctuating value of the cryptocurrency, expects the attackers to have made anywhere between £16 million and £34 million, with a rough estimate likely to lie around £25 million.

Torrentlocker is one of a series of different malware programs, dubbed ransomware, which also includes CryptoLocker and CryptoWall, and is usually spread via phishing emails. The program was originally discovered back in August focusing on the UK and Australia, but it has now expanded its targets to include Italy, Germany and other European nations.

Robert Lipovsky, a security researcher at Eset, described the malware campaign as sophisticated and explained that the cryptography keys are stored on a remote server, meaning there was no way of decrypting the victim’s files other than submitting to the criminal’s demands.

In the UK, TorrentLocker predominantly targets individuals by sending fake emails designed to look like messages from Royal Mail. Victims are then told to visit a specific website in order to track a delivery, which results in the installation of TorrentLocker and the locking down of their computer.

Read more: IT professionals scared stiff of ransomware

Some ransomware programs suggest that the victim’s PC has been locked by the police or a government agency, but TorrentLocker does not . Instead the criminals behind the malware provide advice and tips for those unfamiliar with bitcoins on how they can pay the ransom fee.