New and Improved CryptXXX Ransomware Rakes In $45,000 In 3 Weeks

An anonymous reader writes:Whoever said crime doesn't pay didn't know about the booming ransomware market. A case in point, the latest version of the scourge known as CryptXXX, which raked in more than $45,000 in less than three weeks. Over the past few months, CryptXXX developers have gone back and forth with security researchers. The whitehats from Kaspersky Lab provided a free tool that allowed victims to decrypt their precious data without paying the ransom, which typically reaches $500 or more. Then, CryptXXX developers would tweak their code to defeat the get-out-of-jail decryptor. The researchers would regain the upper hand by exploiting another weakness and so on. Earlier this month, the developers released a new CryptXXX variant that to date still has no decryptor available. Between June 4 and June 21, according to a blog post published Monday by security firm SentinelOne, the Bitcoin address associated with the new version had received 70 bitcoins, which at current prices is valued at around $45,228. The figure doesn't include revenue generated from previous campaigns.

What happens to ransomware if Bitcoin collapses?

[swb]

Almost all these ransom schemes involve Bitcoin as a form of payment. What would happen to ransomware if Bitcoin collapsed and became worthless?

Maybe it's like asking what the night sky would look like if the stars went away (ie, unlikely), but maybe its use in ransom schemes would be one more reason for the Feds to "ban" it or make it so prohibitive to exchange currency for Bitcoin that asking for ransom in bitcoin would be like asking for it in moon rocks.

Re:Behind bars

[Tablizer]

They are all in countries like Russia where nobody can do anything about it.

Send spies into their home at 3am to break both their arms in a "bathtub accident", or pull an Israel and cut off their Jingle Bells. Or trick them via Judo call-ladies, who perform both actions.

Re:What happens to ransomware if Bitcoin collapses

[bobbied]

I don't think the problem with law enforcement is lack of understanding or technical ability, but more of a lack of interest in "solving" such crimes because of the sheer amount of cost it would involve.

Think about it... Your local police don't care that you are getting forced to pay $50 to get your files back, well they don't care *enough* to bother doing anything more than possibly making an official report (if that). The local police don't have the resources or time to follow up and the criminal is unlikely to be within their jurisdiction anyway. The state police are too busy solving bigger crimes to bother with such a 2 bit $50 extortion crime even though it's slightly more likely the criminal was within their jurisdiction. The Federal police (FBI) REALLY doesn't care about your $50 ransom payment, they have so much bigger fish to fry that they won't likely bother to even take a report from you, unless it happens to be aligned with some investigation already in progress, even then what can they do if the criminals are overseas? Nothing.

So it's not lack of ability, it's lack of motivation. Literally, those who could do something are too busy to care and those who care can't do anything.