You are reading a single comment by @starfish&coffee and its replies.
  • There's a Radiolab episode, Darkcode, where a woman gives in to ransomware demands and decides to pay. It was a pretty laborious process with extensive one-to-one human communication just to unlock a single PC. If this current attack uses a similar method when reaping the gains, then they will need to employ a huge army of 'customer reps'. I'm guessing that the more people they hire, the bigger the risk of being found out?

  • I doubt even those that pay will get anywhere. Payments going to just 3 bitcoin wallets? Those wallets are now being watched. How do you prove /you/ paid?

    Also seen some code analysis that suggests that there may not be a decryption routine.

    Given the shonkiness of the kill-URL implementation (one fixed URL, vs 5 random ones in another virus), and the suggestion that this was to stop it being analysed (not really a kill switch), I suspect the above may be correct.

    My take on it is that it's actually been far more successful than the creators had thought that it would be. I don't think that any private (rather than state) actor would have wanted this to happen, as the attention makes it harder to withdraw the ransom from its bitcoin wallet.
