Ransomware victims receive their files back due to hacker’s sudden change of heart
At least that was the case last weekend, when a hacker had a change of heart who had created a virus to lock victim’s data and had held it for ransom. On Saturday, the hacker who goes by the name “Poka BrightMinds” posted a message online and said that they had made a decision to publish data to help victims by unlocking their files that were affected by the virus.
Poka BrightMinds wrote that they were repentant for their actions and were “very sorry.”
According to Symantec researchers, who located the Bitcoin addresses where Poka BrightMinds was expected to receive payments from victims said that all that the hacker got from their criminal enterprise was a total of $169.
“I’m very sorry about that has happened. It was never my intention to release this.”
Ransomware is a kind of malware that affects a victim, enciphers his or her data and asks for a ransom to decipher it, mainly in Bitcoin. The malware is set up sometimes to show a message that says the FBI or another authority found child pornography, or other illegal content on the computer, and asks for the payment of a fine. In the last couple of years, the use of this type of malware has increased to the extent of catching FBI’s attention.
The malware in this case was simply called “Locker.” A database of encryption keys was posted by the author that would let all the victims to unlock their files in theory. The hacker also said that “automatic decryption” would begin on Tuesday.
“I am the author of the Locker ransomware and I’m very sorry about that has happened,” Poka BrightMinds wrote in a note posted to Pastebin. “It was never my intention to release this.”
Soon after the hacker posted the database, Nathan Scott, a member of the online forum, BleepingComputer.com, designed a tool to easily decipher the affected files. At least some of the files were able to be unlocked as reported by various members of the forums.
According to Lawrence Abrams, a member of BleepingComputer.com, an uplifting message is displayed on the victim’s computer when the files are deciphered.
The message read “I’m sorry about the encryption, your files are unlocked for free. Be good to the world and don’t forget to smile”, according to multiple victims.
“I’m sorry about the encryption, […] Be good to the world and don’t forget to smile.”
There is no clarity as to who Poka BrightMinds is, and why did the hacker repent on creating the virus. The hacker was not reachable when Motherboard tried to contact him. Despite of his deep regret, and his effort to “make amends,” as Symantec researchers point out, the virus’ author “still broke the law and caused their victims countless worries, time, and money trying to rectify the damage.”
In response to the decryption message that had requested people to smile, one of the victims wrote that “it’s hard to smile when you’ve had no sleep for a week and missed out on time with the family to deal with this mess.”
