Three out of four ransomware criminal gangs are willing to negotiate the shakedown price. And all the operators of file encrypting ransomware scams will give victims more time to pay up.
So say security researchers at F-Secure, who investigated the "customer experience" of five active crypto-ransomware variants, beginning with the initial ransom screen all the way to interacting with the ransomware criminals behind each of those variants.
More ReadingSentinelOne's $1m ransomware guarantee dismissed as PR stuntSaved from ransomware thugs... by rival ransomware thugCisco busts ransomware rodent targeting bitcoin, cryptocoin subredditsEuro cops, Intel and Kaspersky slay Shade ransomwareSecurity firms team to take down rudimentary ransomware
Ransomware gangs are usually willing to negotiate the price, averaging a 29 per cent discount on the initial demand.
The crooks might act tough and uncompromising but they also have to “establish a degree of trust with the victim and be ready to offer a certain level of service in order to realise the payment in the end," according to F-Secure.
As such, crypto-ransomware families often operate similar to legitimate businesses, with accessible web pages, helpful FAQs, "free trials" for file decryption, and even customer support channels staffed by responsive agents.
One group approached claimed to be hired by a corporation to hack another corporation. This claim is unproven and could be hacker braggadocio.
F-Secure’s report, Evaluating the Customer Journey of Crypto-Ransomware and the Paradox Behind It, can be found here (pdf).
A comic book-style infographic summarising the main findings of the study as well as tips on protecting against ransomware problems is here. ®