Is ransomware going out of fashion or is it getting too hot to handle? For whatever reason, it appears a couple of cryptoware creators are bailing out of the business and giving the keys to whoever wants them.
Last week, the author of the Locker ransomware released the encryption keys to the public, enabling victims to decrypt their files free of charge. Provided the victims hadn't tampered with the ransomware that installed itself on their computers, the decryption of all affected hosts was due to begin on 2 June.
Now another ransomware author has put Tox up for sale. Tox is a ransomware-as-a-service tool that appeared last month.
If no one buys it, he claims in a post on Pastebin, he will release the keys and decrypt victims' files for free.
The author of Tox, who goes by the name 'Tox himself, says he is just a lone coder, a teenage student who brags that he opened the door to a whole new way of thinking about ransomware. Dismissing suggestions that Tox was written by a team, he said, “If I really was a team of hard core hackers, with time and resources, this would have become one [of] the greatest viruses ever.”
He says he honed Tox by soliciting feedback from discussion forums, who not only helped him test and debug it but also suggested features and improvements. “I don't think that such a great brainstorming has ever happened in the process of designing a virus,” he said. “Users were spurred to help me improving [sic] the platform, for their own good.”
If Tox is driven by remorse to get out of the business, he is still more concerned for the good regard of his fellow hackers than his victims. As he says in his post, “I'm not going to scam you. In a few days I'll ask you a bitcoin address in the case somebody pays some of your ransoms. I'll forward you your part.”