Bitcoin Forum
Warning: One or more bitcointalk.org users have reported that they strongly believe that the creator of this topic is a scammer. (Login to see the detailed trust ratings.) While the bitcointalk.org administration does not verify such claims, you should proceed with extreme caution.
Author Topic: Ransomware + Altcoins ?  (Read 1196 times)
Spoetnik (OP)
August 19, 2016, 08:44:03 AM
Last edit: August 20, 2016, 07:31:07 AM by Spoetnik
 #1

Ok so when are they going to start using them ?
I started to think about that reading this story..
http://www.neowin.net/news/cerber-ransomware-rakes-in-almost-1-million-per-year-even-if-victims-arent-paying

Apparently they have affiliate programs with them now  Shocked

It got me thinking if you want an Altcoin adopted and to think you "made it" ?
..it needs to be used by Ransomware makers  Cheesy

Come on criminals.. LET'S MAKE ALTCOINS GREAT AGAIN !

PS:
If you clicked that link you are now infected by SputWare2016 the ultimate Ransomware !
You will have no choice now but to pay me 600,000 JackpotCoins !
(Affiliate program available)

FUD first & ask questions later™
spartak_t
August 19, 2016, 08:57:27 AM
 #2

Maybe in the future they could ask for LTC, Ethereum (ETH or ETC) or whatever. It is quite possible.

P.S. I think that the first ransomware was CryptoLocker and the creator was found to be a Russian hacker so, yes, you could say that ransomware's origin is Russia.
P.S.2 I did read the article, but I could send you 10 FAIL coins as I don't think I was infected by your ransomware. Grin

jehst
August 19, 2016, 09:10:17 AM
 #3

Makes a lot more sense to ask for monero than bitcoin for your ransom payment.

Year 2021
Bitcoin Supply: ~90% mined
Supply Inflation: <1.8%
Mike8
August 19, 2016, 09:15:35 AM
 #4

Most people (hackers included) still don't know that Bitcoin is not anonymous and can be traced.
And they need a means to get funds, a means that is accessible to the weakling that wants to pay the ransom.
If they ask for a coin that cannot be bought in most countries directly for fiat, it's #FAIL. And this makes the list very short, excluding (from what I know) all the anonymous coins.
And then why not just stick to Bitcoin?
spartak_t
August 19, 2016, 09:21:25 AM
 #5

> Most people (hackers included) still don't know that Bitcoin is not anonymous and can be traced.

Of course the hackers know that... Smiley

jaesonma
August 19, 2016, 09:31:38 AM
 #6

I wonder if anyone really pays money to the ransomware? Definitely they will blackmail again even after they paid.
vlom
August 19, 2016, 09:52:32 AM
 #7

> I wonder if anyone really pays money to the ransomware? Definitely they will blackmail again even after they paid.

People pay. And they pay because they get their data back. This system only works when the "hacker" really gives you the key after you have paid.
Btcforall
August 19, 2016, 09:58:15 AM
 #8

>> Most people (hackers included) still don't know that Bitcoin is not anonymous and can be traced.

> Of course the hackers know that... Smiley

If they do, why do they demand ransom in bitcoin? http://m.healthcareitnews.com/news/medstar-attack-found-be-ransomware-hackers-demand-bitcoin
On second thought, hackers are usually active internet users and it is highly unlikely that they are unaware of bitcoin traceability

spartak_t
August 19, 2016, 10:05:43 AM
 #9

>>> Most people (hackers included) still don't know that Bitcoin is not anonymous and can be traced.

>> Of course the hackers know that... Smiley

> If they do, why do they demand ransom in bitcoin? http://m.healthcareitnews.com/news/medstar-attack-found-be-ransomware-hackers-demand-bitcoin

I think that there are a lot of ways to cover yourself.


> On second thought, hackers are usually active internet users and it is highly unlikely that they are unaware of bitcoin traceability

Sure, that is why I've said they are aware of that.

Bepesand
August 19, 2016, 10:55:09 AM
 #10

> Maybe in the future they could ask for LTC, Ethereum (ETH or ETC) or whatever. It is quite possible.
>
> P.S. I think that the first ransomware was CryptoLocker and the creator was found to be a Russian hacker so, yes, you could say that ransomware's origin is Russia.
> P.S.2 I did read the article, but I could send you 10 FAIL coins as I don't think I was infected by your ransomware. Grin

Why don't the hackers ask for Monero or Bytecoin? These are more anonymous coins and their usage is more difficult to trace.
merelcoin
August 19, 2016, 11:05:44 AM
 #11

>> Maybe in the future they could ask for LTC, Ethereum (ETH or ETC) or whatever. It is quite possible.
>>
>> P.S. I think that the first ransomware was CryptoLocker and the creator was found to be a Russian hacker so, yes, you could say that ransomware's origin is Russia.
>> P.S.2 I did read the article, but I could send you 10 FAIL coins as I don't think I was infected by your ransomware. Grin

> Why don't the hackers ask for Monero or Bytecoin? These are more anonymous coins and their usage is more difficult to trace.

I guess because it's already rather difficult for a not-so-tech-savvy user to buy bitcoin, let alone bytecoin or monero. If they would ask these coins, I guess more of their victims wouldn't be able to acquire the ransom even if they wanted to. (just my opinion though).

Bitcoin is almost impossible to trace IF you know what you're doing... You can go through 1 or 2 mixers, use an online casino with a central wallet, go through some exchanges to exchange the "tainted" BTC into a more anonymous coin => send it to a different exchange => exchange it back to BTC, buy freshly mined coins from a miner for a premium fee,... All this can be done over a mix of trusted VPNs, trusted proxies, TOR on public wifis... I'd like to see a gov agency trace BTC from a user that actually knows how to break the link.
spartak_t
August 19, 2016, 11:12:53 AM
 #12

> Why don't the hackers ask for Monero or Bytecoin? These are more anonymous coins and their usage is more difficult to trace.

Maybe because many people still don't know anything even about Litecoin, which was like the 8th cryptocurrency after Bitcoin.

Spoetnik (OP)
August 20, 2016, 07:46:56 AM
 #13

>>> Maybe in the future they could ask for LTC, Ethereum (ETH or ETC) or whatever. It is quite possible.
>>>
>>> P.S. I think that the first ransomware was CryptoLocker and the creator was found to be a Russian hacker so, yes, you could say that ransomware's origin is Russia.
>>> P.S.2 I did read the article, but I could send you 10 FAIL coins as I don't think I was infected by your ransomware. Grin

>> Why don't the hackers ask for Monero or Bytecoin? These are more anonymous coins and their usage is more difficult to trace.

> I guess because it's already rather difficult for a not-so-tech-savvy user to buy bitcoin, let alone bytecoin or monero. If they would ask these coins, I guess more of their victims wouldn't be able to acquire the ransom even if they wanted to. (just my opinion though).
>
> Bitcoin is almost impossible to trace IF you know what you're doing... You can go through 1 or 2 mixers, use an online casino with a central wallet, go through some exchanges to exchange the "tainted" BTC into a more anonymous coin => send it to a different exchange => exchange it back to BTC, buy freshly mined coins from a miner for a premium fee,... All this can be done over a mix of trusted VPNs, trusted proxies, TOR on public wifis... I'd like to see a gov agency trace BTC from a user that actually knows how to break the link.

Ya good point !

I also did post a link to that recent story where they mentioned BTC "mixing"
Apparently they are getting away with it and those criminals are hard to catch.

And some pay because they have no choice.
Imagine people use their PCs for anything.
So if you had your life's work on there and had to pay $600 to get it back.. many end up paying !
Hell look at the cost of PC repair at your local stores.. they are not cheap.
So from a victim's perspective I don't think they would worry about it that much. (the money)
Plus how much money you make ?
If your work on your PC saved was worth a lot for a big company where you made a lot.. you may not care about paying.

I just wonder if Altcoins will end up being more common with them in the future.

So far I have no experience with them.. just seen them mentioned lots in the news.
I heard before they make something like 350 million a year and climbing.
SO..
As time goes on we are all facing a larger risk of getting hit by one !
And the silence in the Altcoin scene + Ransomware is deafening.. I doubt it will stay that way too.

Watch your backs people.
I saw one written in JavaScript, the news story said LOL
Ya Javascript like as used in web pages.. (not Java)

If a new coin launches here with one it could be ugly.
Or if an existing one is updated with malicious code..

Don't forget this HAS happened here more than once with various malware that included Keyloggers.
Users here HAVE had their wallets cleared out after getting hit with an infected coin wallet.
So don't take these risks lightly !

ME ?
I wouldn't pay.
I prob couldn't afford it and if I could I wouldn't do it anyway.
I would just reformat my PC and pull out my install disc and sadly start all over again.
Over the years I have had some stuff backed up so I would not have to start out from scratch.
Much of "my stuff" i can get again.. like downloaded TV shows or Music / Pictures.

FUD first & ask questions later™
spartak_t
August 20, 2016, 08:02:17 AM
 #14

> Hell look at the cost of PC repair at your local stores.. they are not cheap.

That has nothing to do with the ransomware viruses. Last year I dealt with 2 computers, which were infected with the same ransomware (they were not in the same network, they were even in different towns) and there was no solution other than to pay. Many of these viruses are using 256 bit encryption, which is pretty much impossible to be broken. To understand this better, a computer with a performance of 30 petaflops (i.e. - capable of 30,000 billion floating point operations per second) would need more than 10 years to decrypt it.

kiklo
August 20, 2016, 08:28:14 AM
Last edit: August 20, 2016, 08:41:49 AM by kiklo
 #15

Hmm,

Hackers that are doing ransom-ware with BTC, mainly for the following reasons:

One, it is easier for their victims to get,
Easier for them to mix,

However we can't confirm that they don't use altcoins during the mixing process, because they might.
But the final conversion would be in BTC as more places to convert it back into Fiat, which is their main goal anyway.
(They used to have people send money from 7-eleven stores using money gram before they switched to BTC)
https://7elevenmoneytransfer.com.au/

As far as the arrival mechanism, lately they have been sending out mass emails, claiming to be an invoice in a Word document.
User opens the Word doc, which triggers a macro which downloads and triggers the virus.
The virus runs in the background, and many users report the PC feeling slow or sluggish; once all of the files are encrypted,
it pops up on the screen with the ransom.

I've seen a few different versions of this ransomware bugger.

1. User workstation was hit and it encrypted every Word, Excel, picture on that PC and all of the server drives it had access to.  Tongue
Removal of the virus is simple, as its work was done; luckily the company was professional and kept a nightly backup.
Restored the Server Backups, and they were up and running the next day.  Cheesy
(PC was Reformatted)

2. Another User at another company was tricked into loading a trojan word file.
It also encrypted all files on the workstation and server.
Server was restored from the previous night's backup,
however there were no backups for all of the files that were being kept on the PC.  Tongue
But they got lucky, this version of ransomware did not delete the shadow copies created by Windows.
User lost ~2 days' worth of work versus 3 years.

But there are newer versions that delete those shadow copies first, so that recovery option may not be possible.

Moral of the story: a weekly backup to a drive that is not left connected to your PC will save your butt.
Not just from ransomware, but from hard drive failures.
Ransom guys charge a few hundred bucks, Data Recovery Firms charge in the $Thousands.

A 1TB USB drive is under $80 , It is the Cheapest Insurance you can buy for your Data.  Smiley

 Cool

FYI: Tips
If the User has no backups,
Place the Hard drive in a Secure System and make a data recovery image with something like GetDataBack software.
Then you can scan the image for any deleted files.
Then clean the virus from the hard drive, place back in original system and check to see if any shadow copies are available.
http://www.shadowexplorer.com/
If all of those fail, then the users may pay the ransom, but get them setup with a backup procedure so it never happens again.
Snorek
August 20, 2016, 08:34:07 AM
 #16

I hope it will never happen. My mother was a victim of a ransomware called CryptoWall. And I can tell you it is not funny nor proper to talk like creating this shit is a good business.
I never paid anything and I never will to any of these bastards behind it. It was the first time I regretted that Satoshi invented bitcoin, don't make me do this again.
spartak_t
August 20, 2016, 08:44:37 AM
 #17

> Ransom guys charge a few hundred bucks, Data Recovery Firms charge in the $Thousands.

As I have said - this has nothing to do with a data recovery. Smiley You are screwed if there is no known solution (i.e. decryption). No matter if you send to a firm or to CIA/FBI.

kiklo
August 20, 2016, 09:11:12 AM
 #18

>> Ransom guys charge a few hundred bucks, Data Recovery Firms charge in the $Thousands.

> As I have said - this has nothing to do with a data recovery. Smiley You are screwed if there is no known solution (i.e. decryption). No matter if you send to a firm or to CIA/FBI.

hmm, we are losing something in translation.

If the ransomware purged the deleted files and overwrote the files with the encrypted files and removed the shadow copies, and there were no external backups, then you would be right there is nothing anyone can do except pay the ransom or lose the data.

However, if the ransomware did not wipe the deleted file or remove the shadow copies or the user had an external backup, then those are options that a PC tech could check, which would make it so the users would not have to pay the ransom.
And as I said, I did save someone's data from a ransomware virus , because that specific one left the shadow copies intact.

And those can be checked by local techs for a few bucks, there is no need for a Data recovery firm as the hard drive should be in working order.
But ransomware may or may not hit a PC, a hard drive failure is a guarantee if you keep it too long without replacing.

Either way not making periodic backups is asking for trouble, failure is not an if but a When.
That is my primary point.

 Cool
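
The shadow-copy check described in posts #15 and #18, as an added example that is not from any poster in this thread. It is read-only and assumes an elevated PowerShell session on Windows; the function name `Get-ShadowCopyReport` and the 7-day threshold (taken from the "weekly backup" advice) are illustrative.

```powershell
# Added example: report, per fixed volume, whether any Volume Shadow Copies
# survive and how old the newest one is. Read-only; needs an elevated prompt.
# Get-ShadowCopyReport and the 7-day default are illustrative names/values.
function Get-ShadowCopyReport {
    param(
        [int]$MaxAgeDays = 7   # assumption: mirrors the weekly-backup advice
    )

    # Win32_ShadowCopy.VolumeName is the volume GUID path, the same string
    # that Win32_Volume exposes as DeviceID, so the two classes join on it.
    $shadows = @(Get-CimInstance -ClassName Win32_ShadowCopy -ErrorAction Stop)
    $volumes = Get-CimInstance -ClassName Win32_Volume -Filter 'DriveType = 3'
    $cutoff  = (Get-Date).AddDays(-$MaxAgeDays)

    foreach ($vol in $volumes) {
        $copies = @($shadows |
            Where-Object { $_.VolumeName -eq $vol.DeviceID } |
            Sort-Object -Property InstallDate -Descending)

        $newest = $null
        if ($copies.Count -gt 0) { $newest = $copies[0].InstallDate }

        if ($null -eq $newest) {
            $status = 'NO SHADOW COPIES'   # deleted, or never enabled here
        } elseif ($newest -lt $cutoff) {
            $status = 'STALE'              # exists, but older than threshold
        } else {
            $status = 'OK'
        }

        # Volumes without a drive letter are shown by their GUID path.
        $label = $vol.DriveLetter
        if (-not $label) { $label = $vol.DeviceID }

        [pscustomobject]@{
            Volume       = $label
            ShadowCopies = $copies.Count
            Newest       = $newest
            Status       = $status
        }
    }
}

Get-ShadowCopyReport | Format-Table -AutoSize
```

Run it against an image or on the cleaned disk before anything writes to the volume; a `NO SHADOW COPIES` result leaves only external backups and deleted-file recovery as options.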
spartak_t
August 20, 2016, 09:18:57 AM
 #19

>>> Ransom guys charge a few hundred bucks, Data Recovery Firms charge in the $Thousands.

>> As I have said - this has nothing to do with a data recovery. Smiley You are screwed if there is no known solution (i.e. decryption). No matter if you send to a firm or to CIA/FBI.

> hmm, we are losing something in translation.
>
> If the ransomware purged the deleted files and overwrote the files with the encrypted files and removed the shadow copies, and there were no external backups, then you would be right there is nothing anyone can do except pay the ransom or lose the data.
>
> However, if the ransomware did not wipe the deleted file or remove the shadow copies or the user had an external backup, then those are options that a PC tech could check, which would make it so the users would not have to pay the ransom.
> And as I said, I did save someone's data from a ransomware virus, because that specific one left the shadow copies intact.
>
> And those can be checked by local techs for a few bucks, there is no need for a Data recovery firm as the hard drive should be in working order.
> But ransomware may or may not hit a PC, a hard drive failure is a guarantee if you keep it too long without replacing.
>
> Either way not making periodic backups is asking for trouble, failure is not an if but a When.
>
> Cool

There were no shadow copies back in 1932 (or was it 1938?). Cheesy There was not even Windows back then. Cheesy

kiklo
August 20, 2016, 09:30:45 AM
Last edit: August 20, 2016, 09:41:04 AM by kiklo
 #20

> There were no shadow copies back in 1932 (or was it 1938?). Cheesy There was not even Windows back then. Cheesy

We had Windows ,  Cheesy  


Less Features as they were only for opening & closing and looking thru.

https://en.wikipedia.org/wiki/Shadow_Copy
Started with Windows XP,

 Cool