14 DAY TRIAL // The CryptoLocker ransomware has made a lot of headlines lately. The malware is particularly nasty because it encrypts victims’ most important files and demands the payment of a fee to have them decrypted. So far, experts haven’t found a way to recover the files without paying up.
The cybercriminals that operate CryptoLocker keep improving the ransomware. Now, they’ve even launched a service that can be used to decrypt the files in case you’re having a change of heart and you want to pay up.
According to Sophos researchers, the CryptoLocker Decryption Service is a website where victims upload one of the encrypted files, pay a fee, and wait for the private key and decrypter to be sent to them.
Let’s say that your computer is infected with the malware, but you decide not to pay up. You remove the malware and try to restore your files from backups.
However, you might come to realize that your choice isn’t the best one. Your backups might be broken or infected, or you might not have enough backups, so you come to the conclusion that it would have been best to pay the “fine” in the first place. That’s when you visit the CryptoLocker Decryption Service.
“This service allow you to purchase private key and decrypter for files encrypted by CryptoLocker. If you already purchased private key using CryptoLocker, then you can download private key and decrypter for FREE,” reads a notice posted on the website.
However, the trick is that it’s far more expensive to use the Decryption Service than if you had paid up in the first place.
When a computer is infected with CryptoLocker, victims are asked to pay 2 Bitcoins to have their files restored. On the other hand, using this service costs 10 Bitcoins.
Of course, you shouldn’t pay up in case your computer is infected with CryptoLocker. However, there might be some scenarios in which victims simply don’t have any other choice.
On the other hand, the best thing to do is avoid falling victim in the first place. Keep backups of your most important files, keep your antivirus and other pieces of software up to date, and avoid accessing links or email attachments that look suspicious.