Ransomware Promises Donation To Children’s Charity

A new strain of ransomware looks to exploit victims in a new way after promising to donate the ransom to a children’s charity.

The “CryptMix” ransomware also promises the victim they will receive free technical support for their PC, for a three year period.

Charity Claim

Heimdal Security revealed in a blog post that the new strain of ransomware utilises open source malware components from CryptoWall 4.0 and CryptXXX.

Ransomware typically infects an individual or organisation via a malicious email attachment. It often encrypts the contents of a computer, and demands a ransom to unlock it.

And this CryptMix ransomware follows the usual pattern. It infects the victim’s PC via spam emails and drive-by attacks. It then encrypts numerous files on the victim’s PC, and then displays a ransom note that demands 5 bitcoins (£1,560 at the time of publication).

That is a very expensive ransom demand, as previous research found that victims typically pay up to £400 to recover their encrypted data.

But what makes this particular piece of ransomware so vile is the fact that the attackers promise to donate the money to a children’s charity.

“Price of software and your private key is 5 bitcoins,” Heimdal quotes the ransom note as saying. “With this product you can decrypt all your files and protect Your system!!! Protect!!! Your system will be without any vulnerability. Also You will have a FREE tech support for solving any PC troubles for 3 years!

“Your money will be spent for the children charity. So that is mean that You will get a participation in this process too. Many children will receive presents and medical help!”

The attackers then top this off by thanking the victim and saying they are a kind and honest person (unlike the attackers).

“And We trust that you are kind and honest person! Thank You very much!” they said. “We wish You all the best! Your name will be in the main donors list and will stay in the charity history!”

The “Charity Team” signs off the ransom demand with a warning that the ransom will be doubled in the next 24 hours automatically if the ransom is not paid.

UK Target

Last month  security specialist ESET warned that the UK is being heavily targeted by ransomware scams. Other security companies have also warned previously that the UK remains one of the top targets for ransomware attacks.

But ransomware is a global scourge, and in the United States there has been a spate of ransomware attacks on healthcare organisations, which prompted the FBI to appeal to businesses and IT experts for emergency help.

Trend Micro recently predicted that 2016 is going to be a tough year for ransomware infections. It said there had been more ransomware-related infections in February this year, compared to the first six months of last year in total.

And if data is not backed up, many users feel they have little choice but to pay the attackers. A recent Tripwire survey for example revealed that most security professionals remain pessimistic of their recovery chances from a ransomware attack.

Are you a security pro? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

13 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

16 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

17 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

18 hours ago