"The Malware Evolution: January to March 2006" report by anti-virus firm Kaspersky Lab said criminal gangs have moved away from the "stealth use" of infected computers - stealing personal data or using computers as part of zombie networks - to direct blackmailing of victims.
It said that cyber blackmailing is done in two ways, either by encrypting data or by corrupting system information. The criminal then demands a ransom for its return to the victim. The ransom varies from $50 and $2,500.
The report found that in the first three months of 2006, there has been a concerted effort by malware writers to change the encryption methods used, in order to hinder attempts by the anti-virus industry to decrypt data. Kaspersky Lab said that holding user data hostage is one of the most dangerous and rapidly evolving types of cyber crime.
To date, the company said it has been able to restore encrypted data, but that the best form of protection is, as ever, for users to be particularly careful when downloading information.
The research also found that crossover viruses that can spread from mobile devices to desktop computers and vice versa are steadily gaining ground. One such virus, Cxover emerged in March. The virus scans the operating system of a PC and uses Microsoft ActiveSync to search for mobile devices. Once the virus has penetrated the mobile device and deleted user files from the device, it attempts to copy itself back to the PC.
"Cxover shows that it is possible to create a virus which will function both on personal computers and mobile devices," said Aleks Gostev, senior virus analyst, Kaspersky Lab. "The source code has been published. What will happen now remains to be seen. But one thing is clear – such viruses are no longer a matter of theory."