Hacker News

Thanks, I just realized it after reading Claud Xiao and Jin Chen's analysis, too. Apparently, this ransomware uses Tor to hide its origin.

Analysis: http://researchcenter.paloaltonetworks.com/2016/03/new-os-x-...




I liked the "We have ticket system." (in the screenshot of "README_TO_DECRYPT.txt").

They ask (only) 1 BTC as a ransom.


And they decrypt one file for free, to prove they can do it. Nice touch.

Screenshots of the web UI:

https://twitter.com/moyix/status/706577507965870080/photo/1



