We have been keeping our readers updated about CryptoLocker – the menacing ransomware that encrypts files and demands money in exchange for a private key for decrypting the data. Once the malware encrypts the files, the victim has 72 hours to pay the ransom ($300 USD), failing which, the private key will be destroyed and their data will be lost forever. But there is a new twist now. News are up that, the creators of CryptoLocker are giving their victims a second chance to get back their files. This second chance, however, would come at a higher cost.
Data, once encrypted by CryptoLocker, cannot be recovered without purchasing the private key. And once this malware is detected by an antivirus software, it is removed from the system. So, even if a victim changes their mind to pay the ransom and get back their ‘precious’ data, they won’t be able to. Users have been time and again recommended not to pay any money to the ransomware. But let’s say a business is going down because its data got encrypted by CryptoLocker. It is most likely, that the business owner will pay the ransom. It looks like the developers of CryptoLocker might have thought on such possibilities and came up with an online decryption service. This service is for those who still want to recover their lost data. Retrieval of data using this service is 10 Bitcoins or approximately $2,120 USD.
How does the Service Work?
The user has to upload an encrypted file on the service page, after which they will receive an order number. This number can be used to check the status of the order. Once an order is found, the user will be prompted to purchase the private key. If the payment matches the amount demanded by CryptoLocker, then the user will receive the private key and a decrypter to recover their data.
To sum up:
Cost of private key within the 3 days period – $300 USD
Cost of private key after the 3 days period – $2,120 USD (approx)
In the following posts we have discussed how CryptoLocker works, and how you can prevent it from infecting your computer:
a) CryptoLocker – the New Ransomware on the Loose
b) Know what precautions you should take to prevent data loss caused by CryptoLocker
Data Source:
www.bleepingcomputer.com
2 Comments
Why after enabling Browser Sandbox in Quick Heal Total Security 2014, every website I visit shows too many advertisements?
@Rajib sir
Thank for updating knowledge related Cryptolocker
It is really useful Information