Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Bitcoin Security

New and Improved CryptXXX Ransomware Rakes In $45,000 In 3 Weeks (arstechnica.com) 124

An anonymous reader writes:Whoever said crime doesn't pay didn't know about the booming ransomware market. A case in point, the latest version of the scourge known as CryptXXX, which raked in more than $45,000 in less than three weeks. Over the past few months, CryptXXX developers have gone back and forth with security researchers. The whitehats from Kaspersky Lab provided a free tool that allowed victims to decrypt their precious data without paying the ransom, which typically reaches $500 or more. Then, CryptXXX developers would tweak their code to defeat the get-out-of-jail decryptor. The researchers would regain the upper hand by exploiting another weakness and so on. Earlier this month, the developers released a new CryptXXX variant that to date still has no decryptor available. Between June 4 and June 21, according to a blog post published Monday by security firm SentinelOne, the Bitcoin address associated with the new version had received 70 bitcoins, which at current prices is valued at around $45,228. The figure doesn't include revenue generated from previous campaigns.
This discussion has been archived. No new comments can be posted.

New and Improved CryptXXX Ransomware Rakes In $45,000 In 3 Weeks

Comments Filter:
  • by Anonymous Coward

    Someone please turn OFF the deathray.

    Thanks,
    Gus

  • Almost all these ransom schemes involve Bitcoin as a form of payment. What would happen to ransomware if Bitcoin collapsed and became worthless?

    Maybe it's like asking what the night sky would look like if the stars went away (ie, unlikely), but maybe its use in ransom schemes would be one more reason for the Feds to "ban" it or make it so prohibitive to exchange currency for Bitcoin that asking for ransom in bitcoin would be like asking for it in moon rocks.

    • There are a bunch of other crypto currencies now, a few with multimillion dollar total values. They would switch to another one. There are even new ones with better anonymity guarantees than Bitcoin, making them harder for governments to effectively "ban".
      • by mlts ( 1038732 )

        Problem is... which currency? There are a lot of crypto-currencies out there, even people who have services where one can make your own cryptocurrency with various parameters. BitCoin was the first and has the most support from the mainstream. I can't really go up to a website and pay them in Dogecoin as I can with BTC.

        A BitCoin 2.0 is possible, but the hard part is getting critical mass. We already got through initial growing pains with BTC, and people are way about another currency and possible Mt. Go

    • by Penguinisto ( 415985 ) on Monday June 27, 2016 @02:55PM (#52401079) Journal

      Hell, I'm wondering what would happen if people, like, you know, backed up their shit once in awhile to an external USB drive.

      Sure, you'd still have the incidences of getting bit during the backup (while the drive was plugged in), but if you use your head about it, the odds become almost astronomical in your favor.

      • by swb ( 14022 )

        I think the backup thing is compounded by people who do backup but leave the backup disk connected all the time. It's reasonable protection for most system failures, but of course completely at risk for malware. The same goes for cloud sync systems and so forth.

        You and I know that backups should be offline to be safe, but a lot of people don't, including people who should.

        • by mlts ( 1038732 )

          It is just an arms race escalation. Used to be that an external HDD was good enough. Now, probably the cheapest ransomware protection is a NAS that does ZFS/btrfs snapshots (if not backs itself up to an external HDD) so ransomware can only trash a share, which can be recovered.

      • I run a small computer consulting/support business on the side. To date I've gotten 3 inquiries which were ransomware-related. (Might've been 4. The person's symptoms sounded like ransomware was in the process of encrypting his files. I told him to this and to immediately shut everything down and to contact me again for further steps, but he never did.) Meanwhile I've gotten dozens of inquiries about how to get "irreplaceable" data off dead hard drives or thumb drives, or which had been accidentally for
      • by houghi ( 78078 )

        I have a backup of my backup. With the prices of HDs that is not really an issue anymore. The reason? During a system upgrade where I reformatted my HDs in my PC (not an issue as I have backups) and at that moment my NAS decided to die.
        So now I have backups of my backups. And yes, they are incremential backups.

      • This comment made me stop and think. I have now spent approximately 30 minutes trying to determine what was the best way to do backups to replace my backup to external USB, as ransomware now makes that not a good solution anymore. This is for home use, not work use as work can afford the expensive solutions.

        The solutions I just ran through were:

        Tape - probably would cost upwards of $10k or require more work from me every backup swapping tapes
        Blu Ray - Even worse...tape is 800GB for a reasonably priced dri

    • Maybe it would be like post-WW1 Germany. You'd have to pay a billion bitcoins for a $100 ransom.

      • It would cost more in electricity to run the block chains on a billion BitCoins that the $100 ransom.. Only the miners would win, if there where any miners out there at that point.

  • by Anonymous Coward

    Please someone put these people behind bars already. Yes, security holes should be patched, but the criminals behind this need to be taught a lesson. And that lesson should not be that they can continue harassing people as they please.

    • They are all in countries like Russia where nobody can do anything about it.
      • Re: (Score:3, Interesting)

        by Tablizer ( 95088 )

        They are all in countries like Russia where nobody can do anything about it.

        Send spies into their home at 3am to break both their arms in a "bathtub accident", or pull an Israel and cut off their Jingle Bells. Or trick them via Judo call-ladies, who perform both actions.

        • by VAXcat ( 674775 )
          Hell, the US Government can't even do anything about "Bridget from Card Services", you expect them to be able to find and do something about these scammers?
    • Good idea.

      Problem is just that the feds in Somewheristan have better things to do than care about your people having a problem. They simply don't give a shit about virtual crimes, they have real crimes to deal with and already limited resources.

      In other words, your problems are not theirs.

      • by sjames ( 1099 )

        Someone needs to hack Hillary's email server and authorize a few drone strikes...

        • I don't know if a drone strike against the RBN is a good idea, our relationship with Russia is already a bit tarnished...

  • My job got hit by an email-delivered virus that spread across the network and encrypted 200+ hard drives before being stopped. Fortunately, user profiles are stored on the network. Didn't take much time to deploy loaner laptops and re-image the desktops to get the users up and running again.
  • CryptXXX only runs on Microsoft Windows [bleepingcomputer.com] I presume ..
    • CryptXXX only runs on Microsoft Windows [bleepingcomputer.com] I presume ..

      Well maybe if you ask nicely the authors will compile it for your platform of choice. I'm not sure how easily you'll find a steady supply of non-Microsoft shops to spearfish, though.

    • Yes, as the article you linked to stated:

      CryptXXX is a Windows ransomware infection

      Though there's other ransomware out there for other systems

    • by JustAnotherOldGuy ( 4145623 ) on Monday June 27, 2016 @03:17PM (#52401245)

      CryptXXX only runs on Microsoft Windows [bleepingcomputer.com] I presume ..

      I recently switched to Linux Mint; could you perhaps recommend some good Linux-compatible ransomware that I can run on my machine?

      • by Anonymous Coward

        I'd suggest systemd, but it won't go away even if you pay a ransom...

      • I recently switched to Linux Mint; could you perhaps recommend some good Linux-compatible ransomware that I can run on my machine?

        My favorite ransomware, available on both Windows and macOS, is Adobe Creative Suite.

      • by Scoldog ( 875927 )

        CryptXXX only runs on Microsoft Windows [bleepingcomputer.com] I presume ..

        I recently switched to Linux Mint; could you perhaps recommend some good Linux-compatible ransomware that I can run on my machine?

        The SCO Group [wikipedia.org]

    • This particular ransomware is Windows only, but it isn't like your OS of choice is immune, just not worth targeting. There have been ransomwares for MacOS and Linux, they just don't gain the traction of the Windows only ones because there are so few people who actively use these OSes.

  • Using write once media for backups should come back into vogue.

  • by Anonymous Coward

    Doesn't anybody back their crap up?

    • Sadly it doesn't seem like it as there's numerous articles about companies and hospitals paying because they don't have backups. I seriously hope that this will be a wakeup call for them.... but probably only until they feel the need to "cut costs"
      • by mlts ( 1038732 )

        Nope, from what an acquaintance told me who works in that field, you tell a hospital that they need to buy Veeam and a backup device, they will show you the door because those do not offer any positive ROI. You point out HIPAA issues, they will just laugh and point out that HIPAA is almost rarely enforced. They are more interested in having sophisticated locks to keep patients out of the Prozium cabinets than to have any actual protection of records.

    • No, no they don't. I have spent WAY too many years of my life evangelizing backup solutions. And I can tell you without a moments hesitation, that they do not. In fact, when computer illiterate people jack their files up with CryptXXX, if you have touched their machine in the last 6 months, it will be your fault. That's how their minds work. It's why they spend hours on Facebook and we have technical job. (and completely misunderstand each other)
      • Then I think they're getting off easy being able to get the data back for $500. If the drive goes tits up it probably costs more than that and the data may be gone for good at any price.

    • 80% of them don't.

      The other 20% do make backups and only notice when they need them that the backups are worthless when they finally need them because they don't do recovery test.

      • Actually there is a vanishingly small slice of folks who make backups and actually test them occasionally.... I know, I'm one of them...

    • Doesn't anybody back their crap up?

      I kept telling people to back up their data, but no one listened.

      I found, however, they were somewhat more receptive when I told them to back that thang up [youtube.com].

    • by EvilSS ( 557649 )

      Doesn't anybody back their crap up?

      Sure. But unfortunately ransomware is becoming a common way companies are finding out that they are either not backing everything important up, or their backups are not configure correctly and they don't have the backups they thought they had.

    • by mlts ( 1038732 )

      If you ask someone if they back their stuff up, they would say that their computer doesn't have a reverse gear. In fact, I've encountered plenty of people who assume their documents will get trashed, and don't bother doing anything about it. If you can get people to install Mozy or something, that is almost a miracle, much less plugging in an external HDD.

      Plus, for Windows, most client backup utilities outside of Veeam and Bup are utter garbage. I've seen way too many programs fail silently and not compl

  • Death to these ransomware pricks.

  • That works out to about $800,000 per year. It's a lot for one person, but there are likely many people working on this. They're not even sitting back and watching the money roll in; they've been constantly working to keep up with the white hats. If there are more than 10 people working on this, they could probably get normal jobs that would pay nearly as well. So it actually looks like we're doing a pretty good job of making this unprofitable. I suppose the determining factor is local salaries, so it will b

  • I've got a server with Raid 1 for backups. At one time, it seemed like a good idea but, obviously, the bad guys can encrypt my backups with this setup where I'll end up having redundant copies of mush. What is the best solution now so that I can totally thumb my nose at at the first person that manages to encrypt a family member's computer? An offline USB Drive may be good but doesn't feel very automated to me :-(
    • by mlts ( 1038732 )

      Back up the server? Even snapshots will foil most ransomware because they can't normally zap ZFS or btrfs snaps through a CIFS share interface.

Earth is a beta site.

Working...