Wexford man refuses to pay €800 ransom after computer hacked
Published 15/12/2015 | 00:00
HACKERS remotely encrypted a Wexford man's computer and demanded a ransom of €800 in bitcoins to unlock it.
The businessman refused to pay and a result lost eight years of work and had to replace his computer's hard drive.
Urban Schrott, a Wexford-based IT Security and Cyber Crime Analyst with Internet security provider ESET Ireland said there were many similar cases of ransom demands in Ireland, often for smaller amounts of money, which in some cases were paid.
'This one is of particular interest because of the amount involved and the fact that it involves one of our Wexford partners,' Mr Schrott told this newspaper.
'This was his own computer which was used for work.. our partners replaced his hard drive in the hope that it could be decrypted at a later date.'
The victim was checking emails and surfing the internet when he received a message on his computer screen telling him all his files had been attacked by a virus encoder.
'All your files are now encrypted using a cryptographically strong algorithm. Without the original key recovery is impossible.'
The hackers told the computer owner that, to get the decoder and the original key, he needed to email the hackers at a certain email address.
'Our assistance is not free, so expect to pay a reasonable price for our decrypting services. No exceptions will be made."
'Annoyed as he was about it all, he didn't want to chance paying the ransom fee, but would have chanced it though, if it had of been around €20,' said Mr Schrott.
ESET emailed the address the hackers had given and they demanded €800.
'I replied and played the sob story and said all my children's pics were on it and I couldn't afford the €800. They replied saying they would do it for €700 and, if I wasn't interested in that price, tough,' said Mr Schrott.
ESET Ireland raised several major issues about what happened to the man.
Firstly, he had no backup on his machine, he was using free anti-virus software and a Windows XP system which has been without Microsoft support since XP ended in April 2014.
Ransomware is most usually spread through infected attachments in emails.