The people behind CryptoLocker aren’t so bad, after all. They have listened to their victims’ complaints and tweaked their model accordingly.
Now, people who do not pay the $300 ransom will not simply have their files inaccessible forever. They can just pay out $2,000, a modest sum for a late ransom payment, all things considered.
All sarcasm aside, there are some criminals who are poised to make a lot of money off of this scam.
CryptoLocker is a particularly vicious piece of malware. It goes out as an attachment in an email designed to look like communication from a bank. Targets mostly seem to be small businesses.
When a user opens the attachment, a trojan puts all the computer’s files on lockdown and demands a ransom payment in Bitcoin within 72 hours. So anyone who isn’t savvy enough to set up a Bitcoin wallet and make payment in three days — which is most of humanity — previously had the decryption key to their files destroyed, and all they could do was purge the hard drive.
Now, a CryptoLocker Decryption Service has gone up on a sketchy Ukrainian web host that lets victims upload encrypted files. A confirmation page then comes up asking for 10 BTC, which is about $2,000 at current exchange rates.
But in a show of goodwill and true humanity, the criminals will not charge users who have already paid their ransoms for the private key to a file.
The lesson, then, is to be careful and proactive. First, don’t open email attachments unless you 100% know the sender. Two, keep your PC and its antivirus/anti-malware protection up to date. Third, back up your files (and if you back up to a cloud drive, deactivate automatic syncing because something like CryptoLocker could overwrite those backed-up files).