Receive all Cointelegraph news immediately in Telegram.
The people behind CryptoLocker aren’t so bad, after all. They have listened to their victims’ complaints and tweaked their model accordingly.
Now, people who do not pay the $300 ransom will not simply have their files inaccessible forever. They can just pay out $2,000, a modest sum for a late ransom payment, all things considered.
All sarcasm aside, there are some criminals who are poised to make a lot of money off of this scam.
CryptoLocker is a particularly vicious piece of malware. It goes out as an attachment in an email designed to look like communication from a bank. Targets mostly seem to be small businesses.
When a user opens the attachment, a trojan puts all the computer’s files on lockdown and demands a ransom payment in Bitcoin within 72 hours. So anyone who isn’t savvy enough to set up a Bitcoin wallet and make payment in three days — which is most of humanity — previously had the decryption key to their files destroyed, and all they could do was purge the hard drive.
Now, a CryptoLocker Decryption Service has gone up on a sketchy Ukrainian web host that lets victims upload encrypted files. A confirmation page then comes up asking for 10 BTC, which is about $2,000 at current exchange rates.
But in a show of goodwill and true humanity, the criminals will not charge users who have already paid their ransoms for the private key to a file.
The lesson, then, is to be careful and proactive. First, don’t open email attachments unless you 100% know the sender. Two, keep your PC and its antivirus/anti-malware protection up to date. Third, back up your files (and if you back up to a cloud drive, deactivate automatic syncing because something like CryptoLocker could overwrite those backed-up files).
Follow us on Facebook
For updates and exclusive offers, enter your e-mail below.
Thank you for contacting us! We will reply to you as soon as possible.
Thank you for your interest in our franchise program.
We are considering your request and will contact you in due course. If you have any further queries, please contact: