Ransomware malware is a new kind of virus or software program, that encrypts the data of victim’s computers, rendering it unusable until a ransom is paid to the bad guys.
CryptoLocker and CryptoWall are two of the most well known versions, but there are many copycats going around that all essentially do the same thing. With this kind of program your computer and software keeps on working as usual, but your personal files, documents, spreadsheets and images, etc, are encrypted.
The only copy of the decryption key is held by the criminals on their server, and the only way to get access to that and to unlock your files, is to pay the ransom. You are given a time limit, and if you do not pay in time, the key that is needed to decrypt your files is destroyed, making it impossible to ever recover the files. If you do not pay for the key, you cannot recover your files, so you need to decide if the information is worth more than the ransom to you.
You can detect for this software with the Sophos virus removal tool
Paying for your files to be decrypted using bitcoin
The quickest and easiest way to recover your files if you have been infected by Ransomeware, is to do a bitcoin payment to the baddies. The fastest way to do this is to use www.localbitcoins.com. If you use one of the other local exchanges in South Africa, you will most likely need to wait a couple of days for your verification and FICA documents to be processed. With www.localbitcoins.com you can buy bitcoins to pay the the same day, sometimes within minutes, depending on the seller at www.localbitcoins.com.
One of the exchanges in South Africa (Bitx) has on their Terms of Use page under the Prohibited Activities list, an entry stating that you may not use Bitx products, services to “engage in extortion or blackmail”, which is essentially what you will be doing as a victim, when you pay the ransom. Not wanting to perform unauthorised transactions many users turn to www.localbitcoins.com.
Watch CryptoLocker in action
If you have problems with ransomware, someresources that could potentially assist you are:
- http://www.microsoft.com/security/portal/mmpc/shared/ransomware.aspx
- http://www.bleepingcomputer.com/virus-removal/
- http://malwaretips.com/blogs/category/ransomware/
- https://forums.malwarebytes.org/index.php?/forum/39-malware-removal-guides-and-self-help-guides/
