SecurityWorkspace

CryptoLocker Cuts Ransom As Bitcoin Price Goes Up

CryptoLocker
0 0 No Comments

Malware creating scumbags tweak the algorithm to keep the fee affordable

The latest version of CryptoLocker, the clever malware that scrambles user’s files and demands money in return for an encryption key, has lowered the amount of ransom from two bitcoins to just 0.5 BTC.

When CryptoLocker first emerged in September, the price of Bitcoin was hovering around $300 (£185), depending on the day of the trading. In contrast, today the virtual currency is worth more than $800 (£495) per BTC, boosted by a US Senate hearing which stated it “may hold long-term promise”.

“The price of Bitcoin has been wildly volatile lately. And that type of commodity volatility affects Bitcoin’s ability to act as a currency because prices are quickly driven out of whack. Even for ransomware such as CryptoLocker,” said Sean Sullivan, security advisor at F-Secure.

The perfect crime

CryptoLocker is spread by emails that claim to originate from a bank or other financial institution and include an executable file disguised as an archived document, which contains malicious code.

CryptoLocker_20131120_SendcoinstoThe malware encrypts the user’s storage devices, including internal and external drives, USB keys and Network-Attached Storage (NAS), meaning that even regular back-ups may not save its victims.

It gives the user 72 hours to pay the ransom, threatening to make the data inaccessible forever. Recent versions of CryptoLocker have added the option to pay a whopping 4 BTC (around $3200) for skipping this deadline.

Since the malware relies on industry-standard encryption, it has no known antidote. Once CryptoLocker has infected the system, the user has just two choices – pay the ransom, or lose their data. Earlier this month, the UK National Cyber Crime Unit (NCCU) issued a warning which said this particular strain of malware posed a “significant risk” to small and medium businesses.

According to some user reports, once the private key is paid for, the files are decrypted. However, the BBC said it was aware of cases in which the ransom had been paid but the files could not be retrieved.

“The NCA are actively pursuing organised crime groups committing this type of crime,” said NCCU deputy head Lee Miles in a statement last week. “We are working in cooperation with industry and international partners to identify and bring to justice those responsible and reduce the risk to the public.”

What do you know about Bitcoin? Take our quiz!