Expert: CoinVault Ransom a Scam; Don't Negotiate

Cybercriminals behind a brand new type of ransomware scam have implemented a new strategy they hope will convince more people to pay up. Unlike other ransomware scams, this one offers victims the ability to reclaim some of their files for "free."

Ransomware is a type of malware that locks users out of their systems. In most cases, a victim must pay a fee -- usually around several hundred dollars -- to reclaim control of their computers. However, there's no guarantee that a ransomware cybercriminal will follow through on the deal, and most security experts advise against negotiating with these crooks.

CoinVault: Some Files Can Be Reclaimed For Free

The most interesting type of malware to emerge in recent weeks is called CoinVault, which was discovered by security researchers at Webroot. According to the Webroot experts, CoinVault works like many other types of malware -- such as the very prominent CryptoWall and CryptoLocker programs -- but there's a twist: CoinVault gives users the chance to reclaim one of their files for no charge. (Source: pcworld.com)

There are several caveats to the "free" offering. In order to regain access to all files, users will have to pay 0.5 bitcoins, which is equivalent to about $200 USD. If users take too long to respond to the "offer" (perhaps to consult with law enforcement officials or security experts), the price goes up.

If the ransom is paid, CoinVault victims are reportedly given a password that allows them to bypass CoinVault's 256-bit AES encryption.

Security Expert says it's Best Not to Negotiate

Webroot security expert Tyler Moffitt admits that the CoinVault scam is a unique approach that could increase revenue for the cybercriminals behind the scheme. "This is a really interesting feature and it gives a good insight into what the actual decryption routine is like if you find yourself ... having to pay them," Moffitt said in a recent blog post. "I suspect that this freebie will increase the number of people who will pay." (Source: webroot.com)

Moffitt also says it would be silly to expect cybercriminals to keep their word on decrypting the files, and advises not to negotiate with the crooks.

How to Protect Yourself Against CoinVault

To help protect yourself against CoinVault and similar scams, our very own Dennis Faas of Infopackets.com recommends that you backup your most important files on a regular basis using Disk Image based-backups. If you find yourself infected with one of these encryption schemes, you can easily undo the damage (often within minutes) by reverting your system to a previously healthy state. Should you need help implementing a proper disk image backup (or anything else for that matter), feel free to contact Dennis for help.

What's Your Opinion?

Have you or anyone you know ever encountered a ransomware scheme? Would you be willing to pay money to reclaim important files even if experts advise against doing so? Do you think CoinVault's unique approach will increase its revenue?