Menu
New ransomware CoinVault allows users to decrypt one file for free

New ransomware CoinVault allows users to decrypt one file for free

Cybercriminals use freebie tactic in attempt to increase ransomware success rate

Cybercriminals behind a new ransomware program called CoinVault are trying out a new psychological tactic to convince users to pay up -- freebies.

The new threat was discovered by security researchers from Webroot and is similar in functionality to more prevalent ransomware programs like CryptoWall. It uses strong 256-bit AES encryption with keys stored on a remote server, it kills the Windows Volume Shadow Copy Service so that users can't use it to recover their files and only supports Bitcoin as a payment method.

Users are asked to pay 0.5 bitcoins -- around $200 at the current exchange rate -- in order to receive the key that decrypts their files, but the cost increases every 24 hours.

One aspect that sets CoinVault apart from other file-encrypting ransomware programs is that it allows users to see a list of encrypted files on their computer and choose one they can decrypt for free.

"This is a really interesting feature and it gives a good insight into what the actual decryption routine is like if you find yourself actually having to pay them," Webroot security researcher Tyler Moffitt said in a blog post. "I suspect that this freebie will increase the number of people who will pay."

Ransomware programs like CryptoLocker and CryptoWall have infected over 1 million computers and earned their creators millions of dollars.

Security researchers generally advise users not to give in to this form of extortion because it only helps further the fraud, but unfortunately paying the ransom is often the only option many users have to recover their files if they haven't backed up regularly and securely.

Another common argument against paying up is that when you deal with cybercriminals there's no guarantee they'll deliver on their promise. CoinVault's one-file-for-free feature is most likely intended to reassure victims that the program's creators have the ability to decrypt the files.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags fraudmalwareWebrootDesktop security

Featured

Slideshows

The making of an MSSP: a blueprint for growth in NZ

The making of an MSSP: a blueprint for growth in NZ

Partners are actively building out security practices and services to match, yet remain challenged by a lack of guidance in the market. This exclusive Reseller News Roundtable - in association with Sophos - assessed the making of an MSSP, outlining the blueprint for growth and how partners can differentiate in New Zealand.

The making of an MSSP: a blueprint for growth in NZ
Reseller News Platinum Club celebrates leading partners in 2018

Reseller News Platinum Club celebrates leading partners in 2018

The leading players of the New Zealand channel came together to celebrate a year of achievement at the inaugural Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months, with more than ​​50 organisations in the spotlight.​​​

Reseller News Platinum Club celebrates leading partners in 2018
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP has honoured its leading partners in New Zealand during 2018, following 12 months of growth through the local channel. Unveiled during the fourth running of the ceremony in Auckland, the awards recognise and celebrate excellence, growth, consistency and engagement of standout Kiwi partners.

Meet the top performing HP partners in NZ
Show Comments