Ask HN: How would you pay the Bitcoin Ransom in less than 5 hours?

8 points by md5session ↗ HN
Ransomware - If you had no choice but paying the Ransom and you don’t have a bitcoin wallet yet, how would you pay it in less than 5 hours?

19 comments

[ 4.4 ms ] story [ 59.5 ms ] thread
Do every other thing you can but never ever pay.
Well, sometimes it might be the only way to get your files back.
I've heard the argument that paying gives them an incentive to develop stronger ransomware, harming the entire industry. Since this most recent ransomware depends on leaked NSA tools, no amount of incentives will get the script kiddies writing similarly sophisticated exploits. Then, are there really any long-term drawbacks if people pay the ransom?
This exploit depended on the tools but unless the NSA keeps leaking tools it's not like there are going to keep being more so at a certain point the randomware people need their own exploits. That's not even counting it probably takes at least some amount of work to turn an exploit into a working ransomware and also set up the payments in a way that governments can't go after you
I'd post on Facebook and see if there's anybody I know and trust who has bitcoin they could sell me in return for a promise of cash payment. Or I'd use a service that lets me purchase using credit cards, such as Coinbase, although the issue there is that they limit _how much_ you can purchase by credit card at a time. So maybe i'd have several people sign up for coinbase accounts and then aggregate the bitcoin together into one account.
Depends on the size of the ransom. For relatively small amounts Coinbase would be a quick option, however there are deposit limits for a period of time.
I haven't heard of one single confirmed case where paying the Wannacrypt ransom actually resulted in the files being released. Other ransomeware, yes. Not this one.

There is no way to associate a payment in bitcoin with a particular infected computer. To do that, attackers would need to have provided unique payment addresses for each computer or unique payment amounts. The only other way would be for the crooks to use the honors system. Don't count on that.

Clone the drive in case a master key gets leaked in the future. In the mean time, start fresh and dont pay the ransom.

if you're referring to wannacrypt, don't.

hypothetically, though, use localbitcoins.com if you can find someone in your area, otherwise coinbase. the problem with coinbase isn't just the purchase limit -- banks frequently flag coinbase purchases (and other exchanges) which can result in a drawn-out process that lasts more than five hours.

Local bitcoins https://localbitcoins.com/

No documentation needed, just meet someone in the street. Use a public place for your own safety, you'll need cash.

A good place for the transaction is inside a bank... they have quite good cameras and security guards
The big question is how much you need to pay in ransom. Most random ransomware is in the $300 - $1000 range with certain more targeted installs getting hit for lots more [1].

Someone else already suggested Coinbase, but as you're asking here, that might not be an option for you for some reason.

Alternatively you could try and see if a Bitcoin ATM is near you:

https://coinatmradar.com/

or meeting someone in person to swap cash for Bitcoin

https://localbitcoins.com/

Lastly, double check the Ransomware ID sites:

https://id-ransomware.malwarehunterteam.com/

https://www.varonis.com/ransomware-identifier

Maybe there is a decryptor.

1 - http://www.latimes.com/business/technology/la-me-ln-hollywoo...

It seems like there's a market for an insurance product where the provider holds bitcoins and the payout is in bitcoins for just this use case.
Assuming the ransom is $300:

- Open 4 Coinbase accounts.

- Add and verify 4 different credit cards.

- Buy ~$100 worth of Bitcoin on each account (weekly limit without verification).

- Pay the ransom.

There are bitcoin ATMs in my city, so I would use that.
Have you considered trying to recover files that were deleted? Here's someone's free software being promoted for that with handy instructions http://www.easeus.com/data-recovery/recover-decrypt-wannacry..., or you can try Recuva, which is supposed to be particularly good, with a fairly fast deep scan. PhotoRec is where I would probably go for a windows machine myself, it scans slower, but is command line and understands file formats so even if data is partially corrupted it can rebuild and fix.

Obviously, run these from a usb drive so you don't overwrite more.