CyberCrimeSecuritySecurity Management

Ransomware Promises Donation To Children’s Charity

Tom Jowitt is a leading British tech freelance and long standing contributor to TechWeek Europe

Google + Linkedin Subscribe to our newsletter Write a comment

How low can they go? New ransomware scam promises kid charity donation AND tech support for three years

A new strain of ransomware looks to exploit victims in a new way after promising to donate the ransom to a children’s charity.

The “CryptMix” ransomware also promises the victim they will receive free technical support for their PC, for a three year period.

Charity Claim

Heimdal Security revealed in a blog post that the new strain of ransomware utilises open source malware components from CryptoWall 4.0 and CryptXXX.

Ransomware typically infects an individual or organisation via a malicious email attachment. It often encrypts the contents of a computer, and demands a ransom to unlock it.

Ransom, gun, laptop, crime © Tatiana Popova, Shutterstock 2014And this CryptMix ransomware follows the usual pattern. It infects the victim’s PC via spam emails and drive-by attacks. It then encrypts numerous files on the victim’s PC, and then displays a ransom note that demands 5 bitcoins (£1,560 at the time of publication).

That is a very expensive ransom demand, as previous research found that victims typically pay up to £400 to recover their encrypted data.

But what makes this particular piece of ransomware so vile is the fact that the attackers promise to donate the money to a children’s charity.

“Price of software and your private key is 5 bitcoins,” Heimdal quotes the ransom note as saying. “With this product you can decrypt all your files and protect Your system!!! Protect!!! Your system will be without any vulnerability. Also You will have a FREE tech support for solving any PC troubles for 3 years!

“Your money will be spent for the children charity. So that is mean that You will get a participation in this process too. Many children will receive presents and medical help!”

The attackers then top this off by thanking the victim and saying they are a kind and honest person (unlike the attackers).

“And We trust that you are kind and honest person! Thank You very much!” they said. “We wish You all the best! Your name will be in the main donors list and will stay in the charity history!”

The “Charity Team” signs off the ransom demand with a warning that the ransom will be doubled in the next 24 hours automatically if the ransom is not paid.

UK Target

Last month  security specialist ESET warned that the UK is being heavily targeted by ransomware scams. Other security companies have also warned previously that the UK remains one of the top targets for ransomware attacks.

But ransomware is a global scourge, and in the United States there has been a spate of ransomware attacks on healthcare organisations, which prompted the FBI to appeal to businesses and IT experts for emergency help.

Trend Micro recently predicted that 2016 is going to be a tough year for ransomware infections. It said there had been more ransomware-related infections in February this year, compared to the first six months of last year in total.

And if data is not backed up, many users feel they have little choice but to pay the attackers. A recent Tripwire survey for example revealed that most security professionals remain pessimistic of their recovery chances from a ransomware attack.

Are you a security pro? Try our quiz!