A group of malware writers who hoped that people could be blackmailed into paying up for their data apparently have been shocked that people would be happier to scrap their hard drive rather than pay up.
CryptoLocker has been an obsession for the local television shows in the US where it is depicted as the worst malware ever created. CryptoLocker encrypts or freezes large parts of a Windows PC’s hard drive, then asks the user to pay up to regain access.
What makes the software different is to add a time limit. It said that users have three days to pay the ransom of $300, 300 euro or two Bitcoins before the encryption key is “destroyed” and the data lost forever. A displayed countdown clock adds to the sense of urgency.
However, according to Tom’s Guide, it seems that the threat is not working on its victims and the code has now been altered so that victims who missed paying the ransom for their encrypted files will receive a “second chance” option to get back their data.
People will be allowed to purchase decryption keys, but at a much higher price of 10 Bitcoins or about $2,200.
Unfortunately, for the malware writers, the second chance has shown their hand, despite the CryptoLocker claims that decryption keys are destroyed after three days, the criminals must actually store the keys somewhere.
The scam has evolved. It started out with the demand for credit-card information which was daft because the last think you would want to do is hand over your credit-card details to a cyber-scammer. The criminals added a Bitcoin option so that users could keep their financial information private.
Apparently, the malware can be spotted by most AV software but it can do a lot of damage before it is spotted.