Black Shades and Herbst Ransomware Authors Lower Ransom Fees to Entice Payment Over Alternatives

Ransomware authors are becoming smart in their marketing methods by lowering the ransom fees that they charge for computer users to decrypt files on systems infected by newer ransomware.

In the full scope of how ransomware has evolved over the course of the past year, authors of the aggressive file-encrypting malware have conjured up new ways to entice ransom payments. In the latest scheme of extorting money from computer users, ransomware authors are lowering the amount that they charge for obtaining a decryption key that will ultimately decrypt files that were once encrypted by ransomware. Black Shades and Herbst Ransomware are among the threats to take on this new approach only demanding a fee of $30 to $58 to be paid to obtain a decryption key.

Recent ransomware has had the tendency to encrypt files using aggressive encryption algorithms that cannot be defeated unless the proper decryption key is utilized. When files are encrypted, recent ransomware will relay a notification with instructions that guide victimized computer users through a process to obtain a decryption key, which in most cases will end up costing the user between $200 to $1,000 in Bitcoins. Upon payment, a decryption key is provided, and computer users may decrypt their files encrypted by the ransomware.

By leveraging a lower price, ransomware authors will naturally allow their creations to stand out in the flood of other ransomware versions that appear in abundant numbers on a weekly basis. Additionally, lower prices in the range of $30 is a serious challenge to computer security researchers and those who provide solutions to remove ransomware. Comparing the price of paying the ransom of $30 to decrypt files to a computer security solution that may cost about the same is a predicament that could sway either way for the commonly victimized computer user.

Unfortunately, ransomware in the recent year doesn't leave victimized computer users with many options. Though, with a low price of about $30 to rid yourself of the issues that come with recent ransomware, computer users probably won't think twice about paying such a price to get their computer back to normal operation by decrypting files that were once encrypted by nasty ransomware.

The distribution channels for recent ransomware, such as Black Shades and Herbst have reached a new level by using YouTube videos. Some computer security researchers believe that crooks are uploading videos on YouTube to advertise games or software cracks, which, if installed, will load Black Shades ransomware or other ransomware. The conclusion of YouTube being used as a new distribution method comes from the discovery of the term "YouTube" within Black Shades ransomware's code.

To put a wrench in the whole concept of leveraging lower ransom prices for decryption of files, there have been methods to defeat threats like Black Shades ransomware discovered by researchers. Such methods are only beneficial for computer users who have yet to have their system infected with Black Shades. The proactive measure requires users to modify their hosts file adding a string that will redirect a site query, which will essentially block installation of Black Shades ransomware.

With the many advancements of recent ransomware, authors of the malware are always on the hunt for clever methods to earn handsome paydays and the expense of gullible computer users. We have to remember that the recent move for ransomware like Black Shades to utilize lower ransom fee prices is yet another test conducted by cybercrooks to figure out what new action yields the best payday for them. With that in mind, we shouldn't be surprised to see unseen methods conducted by ransomware perpetrators in the near future.