Comment by lqdc13
10 years ago
I think cryptolocker actually decrypted the FS after the ransom was paid. So sometimes it works.
Actually, it makes no sense to not follow through because that is their business model.
10 years ago
I think cryptolocker actually decrypted the FS after the ransom was paid. So sometimes it works.
Actually, it makes no sense to not follow through because that is their business model.
Let me make a spam analogy: the reason we are drowning in spam is because it works. If even 0.00001% of the spam recipients enters into a financially beneficial relationship with the spammers then everybody will get spammed. The only way spam will go away is if everybody will finally stop responding to spam.
So you just simply do not pay extortion fees unless you want to become part of the problem.
In the case of an encrypted filesystem that means you will have to restore from a back-up (which I assume (naively maybe) that you have). And you chalk the whole thing up to your education fund. Paying up is simply wrong.
> The only way spam will go away is if everybody will finally stop responding to spam.
Right, which is why "never pay extortion fees" doesn't make much more sense for combatting this stuff than "never click on spam links" makes for combating spam. It's unrealistic to think we will convince enough businesses to altruistically not pay extortionists, just like it's unrealistic to think you'll get your grandmother to stop clicking on spam links. You need another solution.
There is nothing altruistic about businesses not paying extortionists. Sure they may come to (some, hopefully limited) harm.
But once you as a business pay an extortionist you have just taken on another partner in your business, who will do none of the work and who will take almost all of your profits. So paying out of pragmatism will actually have the exact opposite effect of what you intend to achieve (to make the problem go away).
A good parasite does not kill the host, merely takes all the resources they can get and it certainly won't stop with one attempt at extortion. And judging from the blog post linked they learned their lesson.
edited for clarity, thanks ghotifish.
3 replies →
The way you make money is by selling spamming services. The sucker is not necessarily the person receiving the spam, it can also be the desperate business owner buying the "campaign".
According to Spam Nation by Krebson Security, Spam works because people can get cheap prescription drugs.
http://www.amazon.com/gp/product/1492603236 http://krebsonsecurity.com
If at any point a CryptoLocker locked a person files up, and they didn't give up the key and it got out, no-one will ever pay them again. It's in their best interest to actually unlock the files.