It will cause a major headache for those who pay and will hopefully make people learn to distrust ransomware, in turn making it less lucrative.
On the other hand, that requires a fair number of "acceptable casualties" so to speak.
I personally think both sides of this are valid and don't know what the best option really is. It will be interesting to watch how things evolve at least.
>will hopefully make people learn to distrust ransomware, in turn making it less lucrative.
Ransomware will never ever not be lucrative. Preventing people from getting their data back doesn't discourage future campaigns and primarily hurts the victims of the ransomware.
Seriously? The whole idea is so fundamentally stupid.
1) Ransomware authors have obvious economic incentive to decrypt, and no reason not to. This makes it a herculean task to convince the general public that they wouldn't do so.
2) By the time your data is encrypted, you'll be researching your specific ransomware strain and will find out if it's legit or not. Googling the onion address is an obvious choice and something the ransomware author can just tell you to do.
3) Most people will need someone more technical to arrange the bitcoin payment anyway, these people will verify if the ransomware seems to be legit or not.
4) People don't magically get smarter, phishing still works if you pass the spam filters.
5) Winlockers were immensely lucrative even before they started using crypto.
6) Unless you're going to run your fake-ransomware campaign at an immense scale you'll never drown out the real, working ransomware.
And then in the end, what the was your goal anyway? Good job, now you've deleted millions of people's data on a retarded mission to "stop ransomware". But hey, at least you stopped those evil Russians!!!
There are precisely zero good arguments for preventing people from decrypting their data.
> 1) Ransomware authors have obvious economic incentive to decrypt, and no reason not to. This makes it a herculean task to convince the general public that they wouldn't do so.
It's irrelevant, this has nothing to do with the fake ransomwares.
>2) By the time your data is encrypted, you'll be researching your specific ransomware strain and will find out if it's legit or not. Googling the onion address is an obvious choice and something the ransomware author can just tell you to do.
The search results of any onion address are just as fake-able.
> 3) Most people will need someone more technical to arrange the bitcoin payment anyway, these people will verify if the ransomware seems to be legit or not.
Sure, with their ransomware-detecting powers
>4) People don't magically get smarter, phishing still works if you pass the spam filters.
What does that have to do with anything?
I got bored of answering; in general your points seem weak, which makes you sound a bit too much like a ransomware creator. Probably not because you have 3 years here but otherwise you do.
>I got bored of answering; in general your points seem weak, which makes you sound a bit too much like a ransomware creator. Probably not because you have 3 years here but otherwise you do.

Not a ransomware creator but I understand the economics at play. Ransomware is more profitable than sending spam, unless you're spamming to spread malware.
The value of individual installs has historically averaged at significantly less than a dollar each, ransomware is bringing that way up.
You aren't going to stop ransomware unless you figure out a solution to all other malware, or invent a more profitable scheme. People need to do something with their bots and ransomware is always going to make more money than spamming from bots that haven't been able to inbox anything for 5 years.
There's simply no way you'll stop enough people from paying to make viagra spam beat ransomware.
Not really, ransomware is way more dangerous than selling viagra; I may want to kill you if you encrypt my data, not so much if you sell me a couple of viagra pills that don't work. When you scam someone (e.g. Nigerian scam) you take money from one (or a few) person only, here you are taking data from a lot of people and hoping some very few will pay; making a lot more enemies in the process, likely including state actors; which may make it a federal crime to pay such ransomwares.
Diminishing returns, running spam botnets is already so risky that making more enemies by graduating to ransomware probably doesn't make a perceptible difference. Do you go to prison for 25 years or 30?
Sure, you could probably deter ransomware by sending DEVGRU to murder the authors, but I doubt it's worth the political shitstorm that'd follow.