Thursday, 4 June 2015

"Victim" Ransomware Receive Discounts Of Cybercriminal

Researchers have discovered a ransomware variant of which the author communicates via e-mail with victims and open to give off the ransom. The Troldesh-ransomware is spreading via email and ransomware encrypts like other kinds of files on the computer.

Remarkably, the ransomware also encrypts the file names. What is also striking is that Troldesh victims asked to contact via e-mail to decrypt the files and the payment method to use. Natalia Kolesova, researcher at security firm Check Point , decided an e-mail to the ransomware maker. She received within a few minutes an e-mail with instructions. To regain her files she had to send an encrypted file and pay 250 euros.

Then she asked in a subsequent email to discount, which ransomware maker had removed 15% of the amount. Eventually knows Kolesova get 50% off the ransom, which the author reports that the decryption key will not be given for free. "By the end of our correspondence I had received a 50% discount. Maybe if I had gone to negotiate even I could get a bigger discount," she noted. Recently, there was the creator of another ransomware copy which 'm vindicated and all infected computers decided to decrypt charge.

Virustotal Link

No comments:

Post a Comment