Companies and individuals have paid more than $25 million over the past two years to try to get their computer data back from hackers who hijacked it. This is according to new research by Google about the phenomenon.
Ransomware attacks use software that infects a target’s computers and encrypts all the files so that the victims lose access. The perpetrators hold onto the key for decrypting the data until they get their demanded payment, or ransom, which victims typically pay using bitcoin or some other cryptocurrency that is difficult or impossible to trace.
The research, conducted by Google, Chainalysis, University of California at San Diego, and New York University’s Tandon School of Engineering, was presented Wednesday at the Black Hat security conference in Las Vegas. Chainalysis is a startup that monitors bitcoin transactions for customers.
Many computer users are very much at risk because Google estimates only 37% of them actually back up the data on their hard drives.
Ransomware has become “a very, very profitable market and is here to stay,” Google researcher Elie Bursztein told the BBC news
Assessing actual payments is tricky, not only because victims typically use hard-to-track cryptocurrency to make payments, but also because most companies are not eager to disclose they’ve been victimized.
Related: Victims of Petya Ransomware
Thus the researchers relied on reports from victims, but they also found files that were used to infect machines and ran them on their own computers to replicate the process, according to the BBC. Then they monitored network traffic generated by victims to figure out where the money went.
Fortune contacted Google (GOOGL) and NYU requesting access to the report and will update this story as needed.
It is unclear if any of these companies actually paid the ransom.