Software Crack Sites Are Being Used To Distribute Ransomware

Hackers have long used the lure of software cracks to infect unsuspecting users, but recently, a new group is making waves and finding significant success in using the Exorcist 2.0 ransomware to lock a user’s files and extort them. It’s a nasty combination. The user thinks he’s getting a free unlock for some piece of software (most often, Microsoft’s Windows 10), but when he downloads and runs the file, which is password protected.

Since the user has to manually enter the password to gain access to the supposed unlock, those programs all assume that everything is fine. That allows the threat actors to neatly side-stepping Microsoft’s SmartScreen, Google’s Safe Browsing, or the security protocols included in whatever anti-malware software you’re running.

If you’ve been lured by the prospect of free software and found yourself with locked files, unless you’ve made a recent backup, you’re at the mercy of the hackers. They have extorted between $250 and as much as $10,000 from users to get their files back.

Of interest though, they’re surprisingly professional about it, or as professional as hackers can be expected to be, at any rate. You’ll be able to live chat with a hacker “customer service representative” who will helpfully walk you through the ransom paying process, and in a demonstration of ‘good faith,’ they’ll even decrypt one file for you, for free so you can see that they do indeed have the capability of restoring all of them.

This is obviously bad news, but in this case, the fix is a simple one: Don’t use cracked software. Spend the money to buy a legitimate copy. Sure, if you use a crack, you might get lucky. Then again, you might wind up with all your files encrypted and in a real bind. It’s just not worth the modest savings involved.