Ransomware offers customer support via chat

PadCrypt, a newly discovered piece of ransomware, offers the victims the possibility to chat with the criminals behind the scheme.

This ransomware, as many before it, presents the standard instructions on how to make the payment (via Bitcoin, Paysafecard, and Ukash voucher). But for many victims, the process of buying Bitcoin and delivering it to the crooks might be too daunting, and the criminals obviously decided to offer more help in the form of a Live Chat option.

If you decide to pay the ransom, the feature can hopefully also be used to try to minimize the asked-for amount.

“Also, for the first time that we’ve seen on any ransomware sample – it comes with a uninstaller,” Webroot researchers noted.

“Located in %AppData%\PadCrypt\unistl.exe it will remove all files and registry entries associated with the infection. However, it will still leave all your files encrypted.”

Additional good news is that this ransomware is currently not an active threat. The C&C servers are down, so even if you get infected you wouldn’t know it as the encryption wouldn’t be performed.

This also means that the researchers weren’t able to test the chat options and talk to the criminals.