The criminals behind the rapacious and terrifying Cryptolocker Trojan have lowered their ransom demands to take account of the soaring value of their preferred currency, Bitcoins, according to security firm F-Secure.
The sum demanded for a decryption key in a newly detected variant of the malware is 0.5 Bitcoins, down from the previous level of 2 Bitcoins. This reduces the price from somewhere between $1,400 and $1,800 (£875 to £1125 at current prices) to around $350-$600, more in line with what the gang believes people can actually afford.
Put another way, as Bitcoins have surged in price Cryptolocker victims must have stopped paying the ransom in sufficient numbers and the criminals noticed. They might be crooks but they’re not insensitive to the basic economics of price.
Despite being an untraceable way of taking payment, Bitcoins have turned out to have some disadvantages. Volumes – liquidity - are still too low which causes erratic shifts in price. Recently, prices have also been trending upwards, helped perhaps by a recent US Senate hearing in which official submissions offered some hope that Bitcoins might eventually gain acceptance.
Anyone unlucky enough to have lost data files to Cryptolocker shouldn’t feel too ashamed at the prospect of paying the ransom; earlier this week it emerged that a small-town US police department had done precisely that in order to recover important files scrambled after an attack.
If police departments are paying criminals, what chance is there for the principled mortal?
Also this week, the UK’s National Crime Agency felt it necessary to warn that Cryptolocker is being aimed at UK SMEs possibly using a database of direct contacts.
There have been heaps of advice offered on how to counter Cryptolocker, most plausible ones focussing on having secure backups and enough nous to reinstate a PC using a system image. If the antivirus firms seem powerless for once it is the often ignored backup companies that are feeling vindicated.