Just when you thought Ransomware was the scariest jack in the pumpkin patch, in walks Ranscam. Ranscam operates under the same basis of ransomware, using fear tactics to persuade victims to pay up by threatening to delete files if the ransom isn’t paid. However, unlike traditional Ransomware it proves that there isn’t always honor among thieves and deletes files whether the ransom is paid or not.
Ranscam is a Low Tech, High Destruction Ransomware
Ranscam is said to be very low tech but highly destructive. When the first message is displayed it says victims must pay “0.2 bitcoin ($130) to unlock your computer”. It also warns that files have been moved to a hidden partition and encrypted. This is already deviating from the typical Ransomware method of operation as most threats don’t “move” your files, they simply make them impossible for you to access. Additionally, it threatens to delete files every time you click the option to pay without successfully following through to persuade victims to pay the ransom more than once.
Not Your Typical Threat
This isn’t your typical threat because well, it’s not really a threat. The actions you take after the original message is displayed don’t really matter either way. The end result in Ranscam is always the same, your files are gone. Many feel that Ranscam is giving Ransomware a bad name, as if we could feel any worse about important files being held for ransom. The deletion of the files may indicate that the authors of this malware are either incredibly lazy or lack cryptolocking skills.
The only reason this threat is in the Ransomware family is because of the message displayed that files have been encrypted. It lacks the complexity of traditional Ransomware and cannot be trusted. Overall, it’s just a quick way for the hackers to make a fast buck. It’s actually likely that when users are infected with more sophisticated Ransomware they’ll be less willing to pay up out of fear of being scammed.This way of thinking is not necessarily bad.
Do Not Pay the Ransome
If your system is attacked by any form of Ransomware it is not recommended to pay. There is never a guarantee that files will be restored. New threats are entering the Ransomware market everyday further justifying the need for a concrete backup solution, the 3-2-1 strategy for example. Your business should have 3 copies of your data, stored in 2 different types of media with 1 backup kept off site. No matter the threat, backup is always the solution. Nothing combats an attack like preparation. To learn more about these Ransomware threats and how you can protect yourself, download our whitepaper on Ransomware Prevention.