
And then the police shut down the ransomware servers and doom data from many infected victims to garbage, brilliant!



Unfortunate for those folks, but if it can prevent many more people from being infected, then still worthwhile.


Would it actually help? Does the ransomware contact the servers prior to encrypting everything?


This variant seems to - it needs the command and control servers to get the public key.

Particularly evil malware could probably encrypt the data irreversibly if the command and control servers were unavailable, since as long as the decryption works some portion of the time lots of people will pay, but thankfully this particular example doesn't seem to be there yet.


Even if it encrypts regardless, preventing the perpetrators from profiting will remove their incentive to keep spreading this stuff. Once antivirus catches up to the copies in the wild, the problem would be solved. Of course, whether it's actually possible to shut down enough servers to prevent them from profiting is another question. But it seems to me anything that makes it more difficult is a good thing, even though it does suck for those who lose data.


This wouldn't really prevent them from profiting - an unsuspecting user could still pay the ransom, and then never receive a decryption key, so would be both out of the money and lose their data.


Sure, it wouldn't prevent it completely, immediately. But 1) many users will do a search beforehand to see whether paying actually works. The less often it has worked for others, the less likely they will be to pay, and more importantly, 2) it would prevent them distributing new versions of the malware, which would prevent them profiting once antivirus caught up to the existing versions.



