
Ask HN: How would you pay the Bitcoin Ransom in less than 5 hours? - md5session
Ransomware - If you had no choice but paying the Ransom and you don’t have a bitcoin wallet yet, how would you pay it in less than 5 hours?
======
uncletammy
I haven't heard of one single confirmed case where paying the Wannacrypt
ransom actually resulted in the files being released. Other ransomeware, yes.
Not this one.

There is no way to associate a payment in bitcoin with a particular infected
computer. To do that, attackers would need to have provided unique payment
addresses for each computer or unique payment amounts. The only other way
would be for the crooks to use the honors system. Don't count on that.

Clone the drive in case a master key gets leaked in the future. In the mean
time, start fresh and dont pay the ransom.

~~~
SyneRyder
Mikko Hypponnen of F-Secure says they have confirmation of _some_ (1st wave)
Wannacry victims getting their files back after paying ransoms (but still
doesn't recommend it).

[https://twitter.com/mikko/status/864107673146490880](https://twitter.com/mikko/status/864107673146490880)

Edit: Updated to clarify some victims, and for the first variant. But he goes
on to recommend against paying, especially for new variants:

[https://twitter.com/mikko/status/865122274164318208](https://twitter.com/mikko/status/865122274164318208)

------
michaelbuckbee
The big question is how much you need to pay in ransom. Most random ransomware
is in the $300 - $1000 range with certain more targeted installs getting hit
for lots more [1].

Someone else already suggested Coinbase, but as you're asking here, that might
not be an option for you for some reason.

Alternatively you could try and see if a Bitcoin ATM is near you:

[https://coinatmradar.com/](https://coinatmradar.com/)

or meeting someone in person to swap cash for Bitcoin

[https://localbitcoins.com/](https://localbitcoins.com/)

Lastly, double check the Ransomware ID sites:

[https://id-ransomware.malwarehunterteam.com/](https://id-
ransomware.malwarehunterteam.com/)

[https://www.varonis.com/ransomware-
identifier](https://www.varonis.com/ransomware-identifier)

Maybe there is a decryptor.

1 - [http://www.latimes.com/business/technology/la-me-ln-
hollywoo...](http://www.latimes.com/business/technology/la-me-ln-hollywood-
hospital-bitcoin-20160217-story.html)

------
lsiebert
Have you considered trying to recover files that were deleted? Here's
someone's free software being promoted for that with handy instructions
[http://www.easeus.com/data-recovery/recover-decrypt-
wannacry...](http://www.easeus.com/data-recovery/recover-decrypt-wannacrypt-
encrypted-files.html), or you can try Recuva, which is supposed to be
particularly good, with a fairly fast deep scan. PhotoRec is where I would
probably go for a windows machine myself, it scans slower, but is command line
and understands file formats so even if data is partially corrupted it can
rebuild and fix.

Obviously, run these from a usb drive so you don't overwrite more.

------
1ba9115454
Local bitcoins [https://localbitcoins.com/](https://localbitcoins.com/)

No documentation needed, just meet someone in the street. Use a public place
for your own safety, you'll need cash.

~~~
xiphias
A good place for the transaction is inside a bank... they have quite good
cameras and security guards

------
alva
Depends on the size of the ransom. For relatively small amounts Coinbase would
be a quick option, however there are deposit limits for a period of time.

------
0x4f3759df
It seems like there's a market for an insurance product where the provider
holds bitcoins and the payout is in bitcoins for just this use case.

~~~
miguelrochefort
Ethereum allows just that.

------
GrumpyNl
Do every other thing you can but never ever pay.

~~~
MichaelBurge
I've heard the argument that paying gives them an incentive to develop
stronger ransomware, harming the entire industry. Since this most recent
ransomware depends on leaked NSA tools, no amount of incentives will get the
script kiddies writing similarly sophisticated exploits. Then, are there
really any long-term drawbacks if people pay the ransom?

~~~
tdb7893
This exploit depended on the tools but unless the NSA keeps leaking tools it's
not like there are going to keep being more so at a certain point the
randomware people need their own exploits. That's not even counting it
probably takes at least some amount of work to turn an exploit into a working
ransomware and also set up the payments in a way that governments can't go
after you

------
tribby
if you're referring to wannacrypt, don't.

hypothetically, though, use localbitcoins.com if you can find someone in your
area, otherwise coinbase. the problem with coinbase isn't just the purchase
limit -- banks frequently flag coinbase purchases (and other exchanges) which
can result in a drawn-out process that lasts more than five hours.

------
dtnewman
I'd post on Facebook and see if there's anybody I know and trust who has
bitcoin they could sell me in return for a promise of cash payment. Or I'd use
a service that lets me purchase using credit cards, such as Coinbase, although
the issue there is that they limit _how much_ you can purchase by credit card
at a time. So maybe i'd have several people sign up for coinbase accounts and
then aggregate the bitcoin together into one account.

------
tonydanza
"asking for a friend..."

------
shp0ngle
There are bitcoin ATMs in my city, so I would use that.

------
stillhere
Restore from backup.

------
miguelrochefort
Assuming the ransom is $300:

\- Open 4 Coinbase accounts.

\- Add and verify 4 different credit cards.

\- Buy ~$100 worth of Bitcoin on each account (weekly limit without
verification).

\- Pay the ransom.

