Cyber-thieves have made at least $25m (£19m) from ransomware in the last two years, suggests research by Google.
The search giant created thousands of virtual victims of ransomware to expose the payment ecosystem surrounding the malware type.
Most of the money was made in 2016 as gangs realised how lucrative it was, revealed a talk at Black Hat.
Two types of ransomware made most of the money, it said, but other variants are starting to emerge.
“It’s become a very, very profitable market and is here to stay,” said Elie Bursztein from Google who, along with colleagues Kylie McRoberts and Luca Invernizzi, carried out the research.
Ransomware is malicious software that infects a machine and then encrypts or scrambles files so they can no longer be used or read. The files are only decrypted when a victim pays a ransom. Payments typically have to be made using the Bitcoin virtual currency.
Mr Bursztein said Google used several different methods to work out how much cash was flowing towards ransomware creators.
As well as drawing on reports from people who had paid a ransom, it sought out the files used to infect machines and then ran those on lots of virtual machines to generate “synthetic victims”, he said.