Think you can get out of a ransomware jam by simply paying the ransomer? Think again. Sometimes the cybercriminals just aren’t smart enough—or don’t care enough—to make sure you get your data back.
The ransomware program RANSOM_CRYPTEAR.B just proved that paying the ransom isn’t a guaranteed way to get your files back. In an article titled “Faulty ransomware renders files unrecoverable, even by attacker,” Computerworld reports that RANSOM_CRYPTEAR.B is a “modification of a proof-of-concept file encryptor application called Hidden Tear that was published on GitHub in August by a Turkish security enthusiast.”
The proof-of-concept code was posted online for “educational purposes,” but that didn’t stop a Brazilian cybercriminal from swiping the code and modifying it for financial gain. RANSOM_CRYPTEAR.B is distributed as a Flash Player update. Once installed, the program generates an encryption key file and saves it to the computer’s desktop. The ransomware then proceeds to encrypt all of the files on the machine, including the encryption key file, rendering it useless.
That means even if an infected end user pays the ransom, they don’t get their files back.
And the ransomer still gets paid.
Times have changed
While it seems the issue with RANSOM_CRYPTEAR.B is that the hacker bungled the code, two things are certain: 1) Users infected with the virus will not get their data back unless they have endpoint backup in place. 2) This won’t be the only time we see malicious code that demands money in return for decrypted files, but doesn’t deliver. Cyber sadism just for the thrill of it is alive and well in the IoT.
What can you do? Never pay the ransomer.
A few short months ago the FBI advised, “If your computer is infected with certain forms of ransomware, and you haven’t backed up that machine, just pay up.” With the advent of ransomware that doesn’t decrypt your data when you pay and cybercriminals who don’t care about upholding their end of the bargain, your only alternative is to back up your data. All of it. Period.
Endpoint backup that captures and protects all files created and stored on laptops and desktop computers is the only way to ensure you never find yourself in a ransomware jam you can’t back out of.
To learn more about how endpoint backup can protect all of your data and keep you from paying the ransomer, download The Guide to Modern Endpoint Backup and Data Visibility.