Again the cyberattacks in exchange for rescue are on the lookout. On June 27, global ransomware Petya encrypted victims’ computers in Europe, including the Ukrainian government, banks, a Russian oil company, the British advertising company WPP and other international organizations. It was known that developers and distributors behind ransomware Petya required individual victims to pay $ 300 in bitcoin in exchange for a personal decryption key that is needed to recover files from ransomware-infected devices.
Because the public bitcoin bit stream is transparent and decentralized, anyone within the network can openly track the bitcoin addresses and their transactions stored within bitcoin blocks. According to Blockchain, ransomware developers have received more than $ 10,000 in bitcoin rescue to date from 45 casualties.
However, an announcement by Posteo, a German e-mail service provider, revealed that the e-mail addresses associated with the Ransomware Petya attack were closed and terminated immediately after Posteo’s legal team was informed that Email addresses were used to fund a global ransomware attack.
Following the discovery of Posteo’s email address association with Petya’s global ransomware attack, Posteo’s team blocked several email addresses listed in Petya’s rescue email.
And there is a major problem with Posteo’s decision to block email addresses associated with the ransomware Petya attack, is that victims who have paid the $ 300 bitcoin bailout to receive their decryption keys and retrieve their files can no longer receive the keys Decryption because Petya developers can not access their email addresses.
Therefore, the Petya ransomware team can not identify who has sent the desired rescue payments to their bitcoin address and victims who have paid more than $ 10,000 will not be able to receive their decryption keys. So who wins in this sad story is crime.
Posteo might have thought that its decision could be beneficial to those who have not been infected or affected by the Petya ransomware, as it discourages victims from paying the $ 300 bailout to Petya ransomware distributors. However, Petya developers can easily alter the messages distributed by their ransomware to their victims and simply use a different email address to extort the bitcoin rescue of their victims.
Either way, Posteo’s decision to terminate the email addresses of the Petya ransomware development team does not benefit both parties as it eliminates the possibility that victims receive their decryption keys.
For this reason, the Federal Bureau of Investigation (FBI) advised ransomware victims not to pay any ransom, as it is not guaranteed that ransomware distributors will release decryption keys to free the computers affected by ransomware. The public announcement reads:
“Paying a ransom does not guarantee that the victim will regain access to their data, in fact, some people or organizations never receive decryption keys after paying a ransom.”
By now unfortunately the cybercrime wins the game, but the last word is not yet said.
We invite you to follow the day by day about the cryptocurrencies, blockchain and bitcoin world at Crypto-economy.