A research done by Google suggests that hackers have earned at least $25m (£19m) from ransomware in the last two years.
Google artificially created thousands of virtual victims of ransomware to expose how the payment system work while involving malware.
During a talk at Black hat it was revealed that most of the money was made in 2016.
However, most of the money was made by specific two types of ransomware, but other variants were also significant.
"It's become a very, very profitable market and is here to stay," said Elie Bursztein, a researcher in Google, along with colleagues Kylie McRoberts and Luca Invernizzi, carried out the research.
Ransomware is a destructive software that damages the machine and then encrypts the texts that cannot be used or read. The files are restored to its original form only when the user agrees to pay some amounts, and payments are typically made using the Bitcoin virtual currency.
Mr. Bursztein said, "Google used several different methods to work out how much cash was flowing towards ransomware creators."
"The data gathered in this stage was also used to find more variants of ransomware and the 300,000 files it found broke down into 34 of them," he said.
The most popular ransomware's were the Locky and Cerber families. Locky collected about $7.8m (£5.9m) and Cerber $6.9m (£5.2m).
The researchers found out that more than 95% of Bitcoin payments for ransomware were cashed out via Russia's BTC-e exchange.
Morever, on 26 July, Greece arrested one of the founders of BTC-e, Alexander Vinnik, on money laundering charges. After US police issued a warrant against them, and his extradition to America is being sought.
"Ransomware is a fast-moving market," he said. "There's aggressive competition coming from variants such as SamSam and Spora."
"It's no longer a game reserved for tech-savvy criminals," he said. "It's for almost anyone."
Google artificially created thousands of virtual victims of ransomware to expose how the payment system work while involving malware.
During a talk at Black hat it was revealed that most of the money was made in 2016.
However, most of the money was made by specific two types of ransomware, but other variants were also significant.
"It's become a very, very profitable market and is here to stay," said Elie Bursztein, a researcher in Google, along with colleagues Kylie McRoberts and Luca Invernizzi, carried out the research.
Ransomware is a destructive software that damages the machine and then encrypts the texts that cannot be used or read. The files are restored to its original form only when the user agrees to pay some amounts, and payments are typically made using the Bitcoin virtual currency.
Mr. Bursztein said, "Google used several different methods to work out how much cash was flowing towards ransomware creators."
"The data gathered in this stage was also used to find more variants of ransomware and the 300,000 files it found broke down into 34 of them," he said.
The most popular ransomware's were the Locky and Cerber families. Locky collected about $7.8m (£5.9m) and Cerber $6.9m (£5.2m).
The researchers found out that more than 95% of Bitcoin payments for ransomware were cashed out via Russia's BTC-e exchange.
Morever, on 26 July, Greece arrested one of the founders of BTC-e, Alexander Vinnik, on money laundering charges. After US police issued a warrant against them, and his extradition to America is being sought.
"Ransomware is a fast-moving market," he said. "There's aggressive competition coming from variants such as SamSam and Spora."
"It's no longer a game reserved for tech-savvy criminals," he said. "It's for almost anyone."