Malware easier than ever to develop & distribute. The real challenge was always how to monetizing it successfully.
On its own fake support scam is labour intensive. After investing in a call centre, many unsuccessful calls have to be made before finding a sucker who will pay up.
Ransomware on the other hand is the goose that laid the golden egg. Early releases proved the concept worked and required zero investment, but only profited from victims with the technical competence to use Bitcoin. Investing in call centres expanded the pool of potential victims to cover every sucker on earth with access to a computer.
But the real secret of ransomware’s commercial success is its efficiency - instead of spending hours on the phone looking for suckers, they call you!
And only the suckers call. Those with computing knowledge will be too busy restoring their backups.
Now we have the next logical step - the fake ransomware scam.
The irony is that the more sophisticated ransomware gangs are reportedly offering some the best customer service & support in the entire IT industry. It’s in their interest as, unlike the mainstream IT companies, they haven’t yet received your money. But in some cases even after paying up, they were offering help to customers struggling to decrypt their files.
But this wasn’t an essential part of the scheme. Indeed, once the sucker’s paid up there’s no need to actually decrypt anything. (Or even encrypt it in the first place, just delete everything and put up a convincing facarde.)
This mirrors the mainstream IT industry, where the product or service provided has gradually been cut back to the bare minimum. Just like fake ransomware, there’s no need for Adobe, Apple, Microsoft & co. to actually supply functional software. The just need to keep the pretence up long enough to part you from your money.