Victims of the CryptoLocker ransomware are being gouged with extortion again, this time as a second-chance decryption service offer that costs five times the original ransom. If you don’t win an online auction, sometimes you receive a “second chance offer” that costs whatever your highest bid was for an item. Extortion doesn’t work that way as seen by the newest second chance scheme launched by the cybercrooks behind CryptoLocker; the decryption service costs five-times as much as it would have to free your files from the ransomware in the first place.Bitdefender Labs offer a CryptoLocker-blocking tool (exe), but otherwise people with infected systems are given three days to pay up; it costs two Bitcoins for their encrypted files to be decrypted. Across the board, security experts say don’t pay.Some victims who were unlucky enough to be zapped by CryptoLocker have been able to recover some files using the Volume Shadow Copy Service in Windows. “However, even users who have backups might realize that they’re not enough to repair the damage done by the malware. Those backups might be too old or they might not include files from remote network shares that have also been encrypted by the malware.”Enter the new second chance CryptoLocker Decryption Service. Bleeping Computer warned that the penalty is steep and the cost for CryptoLocker decryption service “significantly increased from 2 bitcoins to 10 bitcoins. With the current price of bitcoins at around $212 USD the ransom has increased from around $400 USD to over $2,100 USD.” At the time of writing, the “simple Bitcoin converter” quoted 10 Bitcoins as being equal to $2,261. For those users who are affected by CryptoLocker and did not have a backup, trying to pay the ransom has been a difficult process. This is because antivirus programs remove the infection or the registry key that is required to pay the ransom and decrypt the files. It appears that the malware developers were listening, as they have now implemented a decryption service that is designed to look like a customer support site. This service is available by connecting directly to a Command & Control server’s IP address or hostname or through Tor via the f2d2v7soksbskekh.onion/ address.In case you can’t read that, the CryptoLocker Decryption Service notice states:This service allow you to purchase private key and decrypter for files encrypted by CryptoLocker.If you already purchased private key using CryptoLocker, then you can download private key and decrypter for FREE.Select any encrypted file and click “Upload” button. The first 1024 bytes of the file will be uploaded to the server for search the associated private key. The search can take up to 24 hours.IMMEDIATELY AFTER UPLOADING FILE TO THE SERVER, YOU RECEIVE YOUR ORDER NUMBER. YOU CAN USE THIS NUMBER TO CHECK STATUS OF ORDER.OR if you already know your order number, you may enter it into the form below.As of today, Nov. 4, Bleeping Computer reports, “The decryption service now still allows you to pay 2 bitcoins during your normal 3 day timer period. After that period, the price increases to 10 bitcoins.” Kaspersky Lab expert Costin Raiu previously explained that researchers sink-holed three domains that were C&C servers for the malware, but so far no one has cracked the CryptoLocker encryption to fully recover all files. However, as Sophos pointed out, “the crooks’ original claim was bogus all along.”The single copy of the private key, which will allow you to decrypt the files, located on a secret server on the Internet; the server will destroy the key after a time specified in this window. After that, nobody and never will be able to restore files.For more about CryptoLocker, consider reading: How to avoid getting infected and what to do if you are.Meanwhile, other security professionals have diverted their attention elsewhere, debating the reality and capabilities of the scary BIOS-level malware badBIOS.Like this? Here’s more posts:How Microsoft invented, or invisibly runs, almost everythingMicrosoft cybersecurity report warns users about the evils of clinging to XPWireless feature disabled on pacemaker to stop hackers from assassinating CheneyFBStalker and GeoStalker data mining tools can dig into your lifeExtreme tech for covert audio surveillanceThat’s no poltergeist invading your privacy: Spooky spying hacks make homes seem hauntedMost parents allow unsupervised internet access to children at age 8Not even Microsofties trust Microsoft’s approach to privacyCaptain Justice: Epic legal trolling reply to govt’s motion to ban the word ‘government’Chris Hemsworth goes to ‘nerd school’ for hacking in cyber-terrorism thriller ‘Cyber’Ex-NSA chief Michael Hayden got schooled on how much eavesdropping stinksEavesdropping made easy: Remote spying with WeMo Baby and an iPhoneFollow me on Twitter @PrivacyFanatic Related content news Dow Jones watchlist of high-risk businesses, people found on unsecured database A Dow Jones watchlist of 2.4 million at-risk businesses, politicians, and individuals was left unprotected on public cloud server. By Ms. Smith Feb 28, 2019 4 mins Data Breach Hacking Security news Ransomware attacks hit Florida ISP, Australian cardiology group Ransomware attacks might be on the decline, but that doesn't mean we don't have new victims. A Florida ISP and an Australian cardiology group were hit recently. By Ms. Smith Feb 27, 2019 4 mins Ransomware Security news Bare-metal cloud servers vulnerable to Cloudborne flaw Researchers warn that firmware backdoors planted on bare-metal cloud servers could later be exploited to brick a different customer’s server, to steal their data, or for ransomware attacks. By Ms. Smith Feb 26, 2019 3 mins Cloud Computing Security news Meet the man-in-the-room attack: Hackers can invisibly eavesdrop on Bigscreen VR users Flaws in Bigscreen could allow 'invisible Peeping Tom' hackers to eavesdrop on Bigscreen VR users, to discreetly deliver malware payloads, to completely control victims' computers and even to start a worm infection spreading through VR By Ms. Smith Feb 21, 2019 4 mins Hacking Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe