
Topic: CryptoLock - wow they really are making some money - page 3. (Read 8927 times)

legendary
Activity: 2674
Merit: 2965
Terminated.
How to get rich: make CryptoLock v2.0 ---> profit.
donator
Activity: 1218
Merit: 1015
so what is the work-around to fix this, so that the victims are not forced to pay into this scam and then treating bitcoin as a criminal preferred coin. if we as a community help out the victims by solving their woes they won't need to pay into it and think of bitcoin as a bad thing.

secondly this address that the funds get paid into could simply be a mtgox, bitstamp, btc-e deposit address. because once its in an exchange the funds just get split up for other users who are withdrawing.

we don't want criminals tainting the coins, i definitely don't want to withdraw my coins from an exchange and realise they are linked to the deposits of this scammer using the same exchange.
If it puts all the files in an encrypted archive, there is no cure, only vaccines.
legendary
Activity: 4396
Merit: 4755
so what is the work-around to fix this, so that the victims are not forced to pay into this scam and then treating bitcoin as a criminal preferred coin. if we as a community help out the victims by solving their woes they won't need to pay into it and think of bitcoin as a bad thing.

secondly this address that the funds get paid into could simply be a mtgox, bitstamp, btc-e deposit address. because once its in an exchange the funds just get split up for other users who are withdrawing.

we don't want criminals tainting the coins, i definitely don't want to withdraw my coins from an exchange and realise they are linked to the deposits of this scammer using the same exchange.
donator
Activity: 1218
Merit: 1015
That's kind of awesome. So it just puts all the files in an archive, I guess? Does it install a new bootable "CryptoLock" OS, or does this function inside other OSes? How does a user purchase Bitcoins without access to their usual Internet browsers if they don't have another capable device?
sr. member
Activity: 333
Merit: 252
those many-to-many tx's look like blockchain.info's new mixer.
legendary
Activity: 1526
Merit: 1134
These transactions are somewhat puzzling. There are an awful lot of many-to-many payments here, lots of which are merging/splitting payments that are much smaller than 2 BTC in size. I wonder if 1AEoiHY23fbBn8QiJ5y6oAjrhRY1Fb85uc is actually some kind of mixing or service address. I see some transactions that look like they were generated by a bitcoinj based wallet as well, and one address that paid in came direct from a miner/coinbase payout.

I'm not totally convinced that 1AEoiHY23fbBn8QiJ5y6oAjrhRY1Fb85uc is actually controlled by the cryptolocker guys. Question is, if I'm right, then - what is it?



edit: this one looks definitely a part of it; https://blockchain.info/address/18iEz617DoDp8CNQUyyrjCcC7XCGDf5SVb
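The shape-based triage discussed in the post above (ransom-sized sweeps versus many-to-many merge/split payments into a suspected clearing address), as an added example that is not part of the original thread. The thresholds, field names and sample transactions are assumptions constructed for illustration; only the 2 BTC ransom figure comes from the thread.

```python
from collections import Counter

RANSOM_SAT = 2 * 100_000_000   # 2 BTC demand quoted in the thread, in satoshis
FEE_SLACK = 0.01               # assumption: a sweep loses at most 1% to fees

def classify(tx, watched):
    """Label one transaction by its shape relative to the watched address."""
    n_in, n_out = len(tx["inputs"]), len(tx["outputs"])
    paid = sum(v for a, v in tx["outputs"] if a == watched)
    if paid == 0:
        return "unrelated"
    if n_in >= 3 and n_out >= 3:
        return "many-to-many"            # merge/split pattern, typical of mixers
    if n_in == 1 and RANSOM_SAT * (1 - FEE_SLACK) <= paid <= RANSOM_SAT:
        return "ransom-sized sweep"      # one address emptied of ~2 BTC
    return "other"

def summarize(txs, watched):
    """Count shapes and the share of received value from ransom-sized sweeps."""
    shapes, value = Counter(), Counter()
    for tx in txs:
        label = classify(tx, watched)
        shapes[label] += 1
        value[label] += sum(v for a, v in tx["outputs"] if a == watched)
    total = sum(value.values())
    share = value["ransom-sized sweep"] / total if total else 0.0
    return dict(shapes), round(share, 3)

# Constructed sample data (labels are placeholders, not real addresses or txids).
W = "WATCHED"
SAMPLE = [
    {"txid": "t1", "inputs": [("pay_1", 200_000_000)],
     "outputs": [(W, 199_990_000)]},
    {"txid": "t2", "inputs": [("a", 30_000_000), ("b", 45_000_000), ("c", 12_000_000)],
     "outputs": [(W, 40_000_000), ("d", 25_000_000), ("e", 21_990_000)]},
    {"txid": "t3", "inputs": [("f", 500_000_000), ("g", 10_000_000),
                              ("h", 7_000_000), ("i", 3_000_000)],
     "outputs": [(W, 60_000_000), ("j", 300_000_000), ("k", 159_990_000)]},
    {"txid": "t4", "inputs": [("m", 80_000_000)],
     "outputs": [(W, 50_000_000), ("m_change", 29_990_000)]},
]

if __name__ == "__main__":
    print(summarize(SAMPLE, W))
```

A low share of value arriving through ransom-sized sweeps is consistent with the address being a shared service rather than a wallet fed only by ransom payments; it does not identify who controls it.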
legendary
Activity: 1512
Merit: 1049
Death to enemies!
So far they used a single encryption key on all victims... And these addresses with 4k coins are probably a mixing service of some kind.
full member
Activity: 182
Merit: 100
Fourth richest fictional character
When I read this story I was shocked.

It is so evil-y genius!

Supposedly you have 48 hours to pay the 2 BTC ransom or your PC gets erased, if you wait past then it bumps up to 10 BTC.

Sounds like a friggin' movie!



Crypto Locker Virus Locks Down Critical Files, Demands Ransom
http://www.inquisitr.com/1007454/crypto-locker-virus-locks-down-critical-files-demands-ransom/

The Crypto Locker virus is being called one of the strongest and most devastating computer viruses in history, and it strikes by literally holding computer owners hostage.

The virus infects computers through a legitimate looking email, usually from a reputable company like FedEx or UPS. Once opened, the virus quickly spreads to the computer’s hard drive and then offers the user a chance to rid the program — for a hefty fee.

“Ransomware causes your computer files to be non-accessible and when that happens you have two choices. You can recover if you have a backup which I hope you do or pay the ransom within 100 hours. If you do not pay the ransom you lose all of your data,” technology expert Anthony Mongeluzo told MyFoxPhilly.

Simply ignoring the hostage takers isn’t an option, Mongeluzo said. If the computer has photos or files that are needed, the Crypto Locker Virus puts a lock on them that can only be opened when the ransom is paid.

“The way they’re accepting payments is bitcoin, a new form of cash that’s been making headway on the Internet. It’s used for a lot of illegal activities,” Mongeluzo said.

The Crypto Virus struck news station ABC 33-40 in Birmingham, Alabama, leaving the station director with little choice but to pay the ransom.

“You buy this $300 Green Dot MoneyPak, you cannot use a credit card for it, it had to be cash or debit card. Once they claim the funds, they unlock your files. If those files had been lost, it could’ve affected 10 years’ worth of work by several departments,” said Ron Thomas.

Computer experts say there could be one way around the virus. There are already copycats to the Crypto Locker Virus that demand money but don’t actually lock the computer down. Taking an infected computer to an expert can determine if this is the case.

But there are some ways to prevent the Crypto Locker Virus from taking hold, they note. Experts recommend that you never open an email from an unknown source, and back up all important files.




newbie
Activity: 27
Merit: 0
Yesterday we had a client call up in hysterics - only 24 hours left before CryptoLock is going to throw away the encryption keys - all data gone!

If interested, here are the screens she sent us http://imgur.com/a/EHBRb


Last night, we had a poke around the blockchain to see where the ransom monies flow. Here is the ransom address we were provided: https://blockchain.info/address/1M83NXYuPpjEjYt8baXYxriQNCDyfWU8i3

Ransom address is cleared out with this transaction:
https://blockchain.info/tx/c20079ca4a978a8b6eea1ba7fc2e3603b91dd73e34b7d381fa527d05ab3be375

The address where ransom is cleared to is interesting, to say the least...
https://blockchain.info/address/1AEoiHY23fbBn8QiJ5y6oAjrhRY1Fb85uc

Total Received: 4,691.06798731 BTC, and that is from 15-Oct-2013 to now. It's probably just one of a number of clearing/consolidation addresses.

These guys are probably making USD50,000,000 a year or more!


BTW - we calmed her down, eventually solved her problem. As a side note: the CryptoLock people need to dumb down the bitcoin thing - there must be hundreds of victims out there, like this lady, who've never even heard of bitcoin.