Holy bitcoin, they’ve locked up my computer


Just days before a big race, an up-and-coming Nascar team suddenly found the crew chief’s laptop going haywire and all the team’s critical files locked up.

The team was the victim of a ransomware attack, a type of virus that locks up computer files until money is paid.

“A message popped up that said my files had all been encrypted. … The only way to get it back is to pay a ransom,” said Dave Winston, the crew chief for Circle Sport-Leavine Family Racing.

Ransomware cost Americans between $24 million and $28 million in 2015. It’s growing exponentially, according to the FBI.

An easy business to enter

The reason? “[Ransomware] is an easy business to get into. There are kits out there that you can buy on the deep dark web and start your own little ransomware company, and many of these end up actually being successful,” said Marcin Kleczynski, the CEO of Malwarebytes, a cybersecurity company that focuses on thwarting malware.

The criminals target everyone, including consumers, small businesses and major corporations.

“Its targets of opportunity could mean your grandma or grandpa, or a corporation down the street, such as a health-care provider,” said Will Bales, a Chantilly, Va.-based FBI supervisory special agent in charge of ransomware probes.

Still, 57 percent of victims are consumers, according to cybersecurity company Symantec. That means critical banking files, previous tax returns and personal photos can be locked up.

Dave Winston, the Circle Sport-Leavine Family Racing crew chief, with the laptop that was attacked

When the Nascar team was hit, it decided to pay, purchasing a bitcoin, a virtual anonymous currency, from a special ATM. After hours of waiting, the team received a decryption key.

“It was huge relief when we got the key. … Pretty much everything came back,” Winston said.

However, the FBI advises against paying ransom, even small amounts like the one the Nascar team paid.

“They now know that you are susceptible and want to pay them,” the FBI’s Bales said. “This could encourage them to continue and target more people down the line.”

The Circle Sport-Leavine Family Racing #95 competes in the Nascar Sprint Cup Series.

Source: Circle Sport Leavine Family Racing

Ransom sticker shock

A ransom request can cause sticker shock. The average payment demand nearly doubled in 2015, according to Symantec.

“On the business side, the sky’s the limit. We’ve seen requests for millions of dollars, but usually they end up settling for tens of thousands,” said Malwarebytes’ Kleczynski.

Bringing the criminals to justice is unlikely.

“It’s very difficult to attribute where the ransomware came from, and every specific case is vastly different. We’ve seen ransomware attacks from Europe, we’ve seen ransomware attacks from Asia and we’ve seen ransomware attacks from the United States,” Kleczynski said.

Here are some steps you can take to avoid being a victim.

The Circle Sport-Leavine Family Racing headquarters in Concord, NC

Giovanny Moreano | CNBC

Beware of email attachments

While there are many ways that ransomware can get into your computer, the FBI’s Bales said email attachments are a common method.

“The emails can look like they’re from a friend, or family, or just maybe a reputable organization, but it’s actually not. And the attachment is laden with malware in it. And once you’ve opened the attachment, your computer is infected,” he said.

“If you’re not expecting an email from somebody, it’s OK to call that person and ask them if they meant to send that email. Or if that email was from them. It’s inconvenient, but it is less inconvenient than infecting your entire computer or network,” he said.

Back up your data

The best defense against ransomware is to have a secure backup, which allows you to restore files without paying the ransom.

“Secure backups are key. Make sure that files are backed up regularly, and you should test those backups so that the first time you try your backup is not because of a ransomware event,” Bales said.


8 thoughts on “Holy bitcoin, they’ve locked up my computer”

  1. Geez, crazy. Thanks for the informative post. The deal about ransomware coming in on an attachment from someone one might know is nuts.

  2. Can't they track the payment back to the source?

    Crap like this would, or could (more like should), soon become a barrel of a 45 in someone's face.

    Maybe if people and companies didn't play ball, but played with the Fu(kers' lives, they would think twice about it.

    Yeah, I've been told I'm a heavy hitter.. but it's because of the wussies in this country and around the world that jackholes like this get to live.. when their numbers get quickly depleted is when this crap stops.. just like the fake check scams etc.. if they were lit up a few times the will to play gets extinguished right quick.

    How do we even know this isn't coming out of DC?… if you catch my drift.. or your local government.. look at how broke they all say they are.. nice little $10,000 boost every now and then or more might be enticement, especially if they “can't be traced”.

    1. “How do we even know this isn't coming out of DC?… if you catch my drift..”
      I catch your drift.

  3. One thing to remember if you do a backup to another hard drive. Disconnect the backup hard drive after the backup so the virus won’t hit it too….. I use Casper backup which makes an image of my main hard drive so if the main one goes down all I have to do is plug in the backup and it’s all there. Good luck.

    The NSA has never provided information to catch a hacker or virus creator.
    Either the NSA is in on the deception or all that money spent to fund the NSA was worthless.

  5. In Windows…
    Control-Alt-Delete, then Start Task Manager…

    Go to whatever browser you are using… click on it… hit End Process.

    Problem solved.
