Tens of Millions in the UK May Be Targeted by CryptoLocker Bitcoin Ransomware

The UK’s crime agency alerted people today after bitcoin ransomware scourge Cryptolocker swept the country.

AccessTimeIconNov 15, 2013 at 10:43 p.m. UTC
Updated Sep 10, 2021 at 11:59 a.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global event for everything crypto, blockchain and Web3.Register Now

The UK’s crime agency released an alert today after a flood of spam swept the country promoting bitcoin ransomware scourge CryptoLocker.

The National Cyber Crime Unit predicted that emails would hit tens of millions of UK customers, and that they were targeting small to medium-sized businesses in particular. “This spamming event is assessed as a significant risk,” it said.

Discovered last month, CryptoLocker is distributed by email. It includes a ZIP file attachment that infects a victim’s computer, encrypting their files, and them demanding a ransom of 2 bitcoins. That will see people paying almost £500 to get their files back. It’s likely, however, that victims at this point will choose to pay in fiat currency, which is also an option. Reports indicate that this costs $300.

CryptoLocker has become more sophisticated over the last few weeks. The perpetrators have created a Tor-shielded web site that enables victims to redownload the private keys necessary to unlock their files, rather than sending bitcoin or MoneyPak payments. It also offers a ‘second chance’ option to download their files. The software originally warned that files would be unrecoverable after 72 hours. Now, the site simply increases the ransom to 10 BTC, and the option to pay with fiat via MoneyPak is removed.

That will be of scant comfort to the poor old lady who one Bitcointalk.org contributor says he found hanging around Vancouver, BC’s bitcoin ATM on Monday. She was putting money into the bitcoin ATM and couldn’t understand why no bitcoins were coming out. The woman, who didn’t understand how a paper-based private key worked, had apparently been targeted by CryptoLocker and was trying to get her files back.

CryptoLocker, combined with Tor, provides a low risk/opportunity ratio for crooks, pointed out Mike Hearn in his post about marked coins, which was publicised on Reddit yesterday. He cited the ransomware explicitly as an example of how marked coins could be useful.

It is unclear how many people are paying with bitcoins as opposed to fiat currency to get their files back, but reports suggest that either way, they are able to unlock their files afterwards. And at least one Chamber of Commerce is advising victims to pay. With bitcoin prices over $400, it looks like a win for the criminals, and a lose for thousands of victims, at this point.

Brian Krebs has some tips for how to protect your PC.

Featured image: lolloj / Shutterstock


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.