Most security experts will advise against paying the ransom demands of the malware writers because doing so only helps to finance their criminal enterprise and keep them in business. One of the reasons that folks get infected is because someone before them paid the bad guys to decrypt their data. The more people that pay the ransom, the more cyber-criminals are encouraged to keep creating ransomware for financial gain. Further, there is no guarantee that paying the ransom will actually result in the restoration (decryption) of your files.
- K7 Computing: Why You Should Not Pay That Ransom Demand
- Avira: CyptoLocker-style File Encryptors – Should you pay the ransom?
- Kaspersky Lab: To pay or not to pay – the dilemma of ransomware victims
- Ask Leo: Decrypting files encrypted by ransomware...should you pay?
Some ransomware victims have reported they paid the ransom and were successful in decrypting their data. Other victims reported they paid the ransom but the cyber-criminals did not provide a decryptor or a key to decrypt the files, while others reported the key and decryption software they received did not work or resulted in errors. Still others have reported paying the ransom only to discover the criminals wanted more money. Most cyber-criminals provide instructions in the ransom note that allow their victims to submit one or two limited size files for free decryption as proof they can decrypt the files. However, decryption in bulk may not always work properly or work at all.
There is never a guarantee that the decrypter provided by the cyber-criminals will work as they claim and using a faulty or incorrect decryptor may damage or corrupt the files. Keep all this in mind if you are considering paying the ransom since there is no guarantee decryption will be successful.