PayPal Anti-Ransomware Patent: End of Its Effectiveness?
Ransomware attacks and massive infections have been plaguing the business and even personal computing since 2017. Creating an atmosphere of fear makes people do something that is otherwise unbelievable, like paying for the ransom just to “recover” the lost files due to ransomware infection. Ransomware is a cash cow for the cybercriminals, with WannaCry alone earned an estimated $4 billion worth of ransom payment in the whole 2017. This has grown in the first quarter of 2019, with 90% growth in infection numbers compared to the same quarter of 2018. It is a technological invention for securing files turned upside down and used to cause trouble for computers instead, by encrypting critical user files.
Paypal, of all tech companies, has announced that they have the technology to massively fight ransomware campaigns. It is a long time in coming, as their application for the patent was pending with the U.S. Patent and Trademark office since September 2016, which has something to do with preventing the encryption process. The patent application was described as: “By detecting that ransomware is operating on a computer (e.g. by correlating between the original data and content in different cache layers), the negative effects of the ransomware may be mitigated or avoided.”
Basically, ransomware operates a time-limited decryption-key for sale business, offered to the very victims of it. Paypal has developed a way to check the cache area of the operating system (as files need to be loaded in computer memory before the CPU can manipulate it), saving its contents somewhere for later use as a comparison device. The Paypal system can, therefore, prevent an encrypted copy of the file from persisting, as it will be overwritten by the decrypted original version from a saved copy. The ransomware authors need to make major adjustments to continue its “business”.
This can be best described as disarming an armed enemy, with ransomware continues to run to the computer but unable to perform any encryption damage against the user files stored in the computer or inside a network share. The PayPal patent is designed as a lightweight system, to spare the user from incurring performance penalties while it is currently running in the system. It was only tested inside the confines of the PayPal company and no working prototype has been made available for download for public testing. Paypal has not disclosed when they will release the new product or service, or if it will only be available for Paypal users.
Though Paypal never claims that this technology will be the final silver bullet against ransomware, the company hopes to use this technology for the cybercriminals to lose its cash cow. The latter needs to go back to the drawing board in order to “finetune” their ransomware to bypass the algorithm used by the Paypal patent. Of course, the company is still strongly recommending for firms to roll-out a reliable backup system. This is because ransomware will have the least impact if the recent backup can be restored instead of paying for the ransom.
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.