Just when you thought Ransomware was the scariest jack in the pumpkin patch, in walks Ranscam. Ranscam operates under the same basis as ransomware, using fear tactics to persuade victims to pay up by threatening to delete files if the ransom isn’t paid. However, unlike traditional Ransomware it proves that there isn’t always honor among thieves and deletes files whether the ransom is paid or not.
Ranscam is said to be very low-tech but highly destructive. When the first message is displayed it says victims must pay “0.2 bitcoin ($130) to unlock your computer”. It also warns that files have been moved to a hidden partition and encrypted. This is already deviating from the typical Ransomware method of operation as most threats don’t “move” your files, they simply make them impossible for you to access. Additionally, it threatens to delete files every time you click the option to pay without successfully following through to persuade victims to pay the ransom more than once.
The only reason this threat is in the Ransomware family is because of the message displayed that files have been encrypted. It lacks the complexity of traditional Ransomware and cannot be trusted. Overall, it’s just a quick way for the hackers to make a fast buck. It’s likely that when users are infected with more sophisticated Ransomware they’ll be less willing to pay up out of fear of being scammed. This way of thinking is not necessarily bad.
If your system is attacked by any form of Ransomware it is not recommended to pay. There is never a guarantee that files will be restored. New threats are entering the Ransomware market every day further justifying the need for a concrete backup solution, the 3-2-1 strategy for example. Your business should have 3 copies of your data, stored in 2 different types of media with 1 backup kept off-site. No matter the threat, backup is always the solution. Nothing combats an attack-like preparation. To learn more about these Ransomware threats and how you can protect yourself, with Ransomware Prevention.