I don't know, but I can think of a few possibilities:
1. The amount demanded varies from incident to incident. Bitcoin is fractional to 8 decimal places, so it's possible to narrow down the list of victims by the last N digits of the payment.
2. The original demand for payment includes instructions to list the address you sent from. This would be a lame solution for many reasons, including (1) these victims are probably all new to Bitcoin and would have no idea what an address is, and (2) according to an article I read, some security consultants keep a Bitcoin wallet handy to pay on behalf of their clients, leading to duplicate payer addresses.
3. Same as #2 but demanding that the victim include the transaction ID, which is a long hex string. Similar usability issues.
4. It's possible to embed metadata into Bitcoin transactions. As with the prior approaches, victims would likely get this wrong.
Most likely there's a human criminal on the other end of the exchange, and that human matches up victims and payments.
Because the paying victims are surely unsophisticated about Bitcoin and terrified about what is happening to them, it seems likely that the risk of one victim claiming another victim's payment is small, so the manual match-up method is probably the most practical solution from the criminals' standpoint.
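Added example (not from the thread or any real ransomware): how possibility #1 above could be implemented and what it does to the matching problem. A per-victim ID is written into the low-order satoshis of the demanded amount, and an observer of the payment address decodes the ID back out of each incoming transaction. The base amount, victim IDs and transaction list are constructed for the example; note how a victim who rounds the amount, or two victims who send the same amount, falls out of automatic matching and back to the manual match-up the post expects.

```python
from collections import defaultdict

SATS_PER_BTC = 100_000_000
ID_DIGITS = 4                 # low 4 digits of the satoshi amount carry the victim ID
MODULUS = 10 ** ID_DIGITS      # so up to 10,000 distinguishable victims per base amount
BASE_SAT = 150_000_000         # assumption: 1.5 BTC base demand (constructed, not a real figure)


def demand_sats(victim_id: int, base_sat: int = BASE_SAT) -> int:
    """Amount to demand from a victim: base amount with its low digits replaced by the ID."""
    if not 0 <= victim_id < MODULUS:
        raise ValueError("victim_id does not fit in the low digits")
    return (base_sat // MODULUS) * MODULUS + victim_id


def fmt_btc(sats: int) -> str:
    """Render integer satoshis as the 8-decimal BTC string a victim would be told to send."""
    return f"{sats // SATS_PER_BTC}.{sats % SATS_PER_BTC:08d}"


def decode_victim_id(sats: int, base_sat: int = BASE_SAT):
    """Recover the victim ID from an observed amount, or None if the high digits
    do not match the base demand (e.g. the victim rounded the amount)."""
    if sats // MODULUS != base_sat // MODULUS:
        return None
    return sats % MODULUS


def match_payments(issued: dict, observed: list):
    """issued: {victim_id: demanded_sats}; observed: [(txid, sats), ...] seen at the address.
    Returns (matched, ambiguous, unmatched):
      matched   - {victim_id: txid} for IDs paid exactly once
      ambiguous - {victim_id: [txids]} for IDs paid more than once (needs a human)
      unmatched - [txids] whose amount decodes to no issued ID (needs a human)"""
    by_id = defaultdict(list)
    unmatched = []
    for txid, sats in observed:
        vid = decode_victim_id(sats)
        if vid is None or vid not in issued:
            unmatched.append(txid)
        else:
            by_id[vid].append(txid)
    matched = {vid: txs[0] for vid, txs in by_id.items() if len(txs) == 1}
    ambiguous = {vid: txs for vid, txs in by_id.items() if len(txs) > 1}
    return matched, ambiguous, unmatched


def demo():
    # Constructed victim set and constructed transaction list (not real on-chain data).
    issued = {vid: demand_sats(vid) for vid in (7, 42, 1234)}
    observed = [
        ("tx_a", 150_000_007),   # victim 7 paid exactly what was demanded
        ("tx_b", 150_000_042),   # victim 42 paid exactly
        ("tx_c", 150_000_042),   # a second payment with victim 42's amount: ambiguous
        ("tx_d", 150_000_000),   # someone sent a round 1.5 BTC: decodes to ID 0, never issued
        ("tx_e", 149_000_000),   # someone sent 1.49 BTC: high digits differ, undecodable
        ("tx_f", 150_001_234),   # victim 1234 paid exactly
    ]
    return match_payments(issued, observed)


if __name__ == "__main__":
    for vid in (7, 42, 1234):
        print(f"victim {vid}: send {fmt_btc(demand_sats(vid))} BTC")
    print(demo())
```

The scheme costs the criminal nothing on the sending side, but it only works if the victim types the amount to all eight decimal places exactly; every rounded or duplicated payment in the constructed list above ends up in the ambiguous or unmatched buckets, which is the manual step the post argues the criminals rely on anyway.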
> Because the paying victims are surely unsophisticated about Bitcoin and terrified about what is happening to them, it seems likely that the risk of one victim claiming another victim's payment is small, so the manual match-up method is probably the most practical solution from the criminals' standpoint.
Is it really that small? What's stopping a victim from claiming someone else's payment by watching transactions and notifying the criminal that "their" payment has been sent?
If you barely understand how computers work, but you know your business's accounts receivable file is gone, and somebody is saying they will retrieve it if you send them some weird internet money, you're probably going to do exactly what they say rather than view this as a great opportunity to scam a scammer.
Plus, the criminals they might be trying to scam are almost certainly the victims' only hope of obtaining the symmetric encryption key (there are exceptions; some of these programs have been shown to be written by people not entirely clear on how crypto works -- single global key, obfuscated key on client machine, etc.). By definition, the only people interested in paying are the people who have no backups of data they need, so they have no options, and taking the risk of pissing off the criminal doesn't really make sense.
Moreover, for all we know, some victims haven't figured out that they're paying the same people who did the encryption in the first place. From their point of view, this is just like buying antivirus software or taking their computer to Geek Squad.
Sometimes they accidentally weaken the algorithm (like by chopping its key bits in half through a weak RNG). Crypto is hard, even when the scammer probably has a good grasp, which is useful in this case.
A cursory analysis of the bitcoin addresses for this malware suggests that sending US$300 in BTC can be difficult. I see sends of US$178, US$189, US$332, US$280, US$362, US$220, etc.
Except that supposedly the CNC servers that allow users to contact support and get the key for their files have been down for some time now. The creator may well have done a runner once they realised just how much of a bad idea this was.
It's hard to evaluate whether that's a good or bad thing. It'd be good if the victims got their files back. So you want to keep the server up. But this kind of scam must be stopped. So you want to kill the server quickly so scammers understand the scheme is unlikely to be profitable.
Unfortunately the economics probably work out the same way spam does, meaning it won't go away. All it takes is a couple people to pay up to make it profitable, because the criminal doesn't bear the cost of distribution.