Massachusetts police paid a ransom in bitcoins to restore their files





The police department of the town of Tewksbury (Massachusetts, USA) found itself in an awkward situation. All work files on its computers were encrypted by some unknown program. To get the encryption key, the police were required to pay the equivalent of $500 to a Bitcoin wallet.

Ransomware Trojans such as KEYHolder, CryptoLocker and CryptoWall have become widespread in recent years. Some of them are so poorly made in terms of cryptography that files can be decrypted without paying any ransom.

For example, the DirCrypt ransomware Trojan writes the RC4 key at the end of each encrypted file.




In their analytical report on DirCrypt, the experts at Check Point wrote: "Picking our jaws up off the ground, we began to feel sorry for the poor malware author. Apparently, he got confused and did not know where to save the encryption key, and somehow the idea came to him to save it at the end of the encrypted file. Thus, we can directly decrypt each file without any problems."
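To illustrate why storing the key next to the ciphertext defeats the encryption, here is an added example (not code from the Check Point report or from the original article). The blob layout, ciphertext followed by a 16-byte key, and the names `KEY_LEN`, `make_sample_blob` and `recover` are assumptions for this sketch, not DirCrypt's actual file format.

```python
# Added illustration. The trailer layout is an assumption, not DirCrypt's real format.
KEY_LEN = 16  # assumed fixed key length for this sketch


def rc4(key: bytes, data: bytes) -> bytes:
    """Standard RC4: key scheduling (KSA), then keystream XOR (PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)


def make_sample_blob(plaintext: bytes, key: bytes) -> bytes:
    """Build a constructed test blob in the flawed layout: ciphertext || key."""
    return rc4(key, plaintext) + key


def recover(blob: bytes, key_len: int = KEY_LEN) -> bytes:
    """Recover plaintext from a blob whose last key_len bytes are the RC4 key."""
    if key_len <= 0 or len(blob) < key_len:
        raise ValueError("blob is shorter than the key trailer")
    ciphertext, key = blob[:-key_len], blob[-key_len:]
    # RC4 is symmetric, so running it again with the same key decrypts.
    return rc4(key, ciphertext)


if __name__ == "__main__":
    sample_key = bytes(range(1, KEY_LEN + 1))  # constructed key
    sample_doc = b"Incident report 0001: constructed sample text"
    blob = make_sample_blob(sample_doc, sample_key)
    # No secret is needed: everything required for decryption is in the blob.
    print(recover(blob).decode())
```

The strength of the cipher is irrelevant here: whoever holds the file also holds the key.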

But there are also ransomware Trojans in which everything is implemented very well: communication over the Tor network, strong cryptography, no vulnerabilities. Against them only a backup helps, and that has to be thought of in advance.

One way or another, hooking the police and getting them to pay the ransom is simply the height of arrogance.

When computers in the Tewksbury police department began to slow down and glitch, making it difficult to view records in the database of past arrests and incidents, no one suspected anything. They assumed the computers were acting up as usual, writes the local newspaper Boston Globe.

The police officers became suspicious when a message appeared on the computer screen: "Your personal files are encrypted. Decryption costs $500. If you really value your data, we believe you will not waste time searching for other solutions, because they do not exist."



The concerned police called in an engineer. He confirmed: indeed, there is no other solution. State and federal police joined the case, as well as experts from two private information security companies. Nobody was able to decrypt the files. After five days of unsuccessful attempts, the Tewksbury police transferred the bitcoins to the specified account.

"At first I thought that we were infected with a virus," says Timothy Sheehan, head of the Tewksbury police department. "Then we realized that it was something more. It's more like cyber-terrorism."

The Tewksbury department was yet another police force whose computers were infected with a ransomware Trojan. Similar cases have been reported in Illinois and Tennessee. Even cooperation with the FBI did not help them decrypt the information. The police were left with no choice but to pay the ransom to anonymous hackers. The documents are too important to lose.

The total number of victims of ransomware Trojans worldwide is unknown. According to Dell, the CryptoWall Trojan alone infected more than 625,000 computers worldwide, including 250,000 in the US. Approximately 41% of the victims paid the requested ransom (research by the University of Kent, UK).

Still, there are heroes like Gary Bowen from the police department in Collinsville (Alaska). He refused on principle to cooperate with the "terrorists" and to pay the requested ransom of $500 in June 2014. The police never saw those files again.

Source: geektimes.ru/post/248706/
