Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows Malware Poses As Ransomware, Just Deletes Victims' Files (slashgear.com)

Posted by BeauHD on from the wanna-be-ransomware dept.

An anonymous reader writes: Ranscam, a ransom malware reported by Cisco's Talos Security Intelligence group, claims to have encrypted victims' files and hold them for ransom, but in actuality it has already deleted those files and is simply trying to trick its victims into paying to recover files that are no longer there anymore. SlashGear reports: "Most ransomware follow a similar tactic once they get control of a computer or mobile device. They encrypt certain files, personal documents are a favorite, and then display a message instructing the user to pay, usually with bitcoins, to receive the decryption key to save their files. Ranscam, however, is completely without honor, as much honor as you can find among thieves and scam artists. It claims to have encrypted the users' files and then makes the usual demand. However, it adds an additional threat. For each time the user clicks on the 'payment sent' button but no payment was received, it threatens it will delete a file. That, however, is a total farce. In truth, files have already been deleted, so whether the victim pays or not is moot. The perpetrators don't have any way to recover those deleted files anyway. Also, the threats it flashes users are simply static images fetched from a remote server. Users might just as well be clicking on a two-slide presentation. The good news is that reported Ranscam infections are small, according to Cisco's Talos Security Intelligence group."

4 of 118 comments (clear)

  1. this malware is less evil by Anonymous Coward · · Score: 3, Insightful

    Seriously, this malware is less evil. Provided the files haven't been overwritten, just deleted, they can be recovered. It's far far easier to recover a deleted file than an encrypted one.

    1. Re: this malware is less evil by Joce640k · · Score: 1, Insightful

      you can certainly scan the disk for deleted files and recover your data.

      ...says somebody who never actually tried it in real life.

      Let me come over to your house and delete your files, then video you as you try to get them back.

      Even better, let's copy the files to a folder and delete them there then watch you try to recover them. No harm, done, right?

      --
      No sig today...
  2. Fighting the good fight that the FBI has abandoned by Anonymous Coward · · Score: 2, Insightful

    While the FBI teaches victims to pay the ransom, the hackers pick up the job of teaching people an important lesson, "never give in to extortion."

  3. Re: This is actually a good thing in the big pictu by Anonymous Coward · · Score: 0, Insightful

    Having another fascist agree with him doesn't make him right. Trump has really emboldened the psychos among us.