Jigsaw Ransomware Can be Tricked To Believe A Bitcoin Payment Was Made

Ransomware is a threat to computer users and enterprise networks all over the world. This ongoing battle between Internet criminals and security researchers has been a matter of one-upping one another. Jigsaw, a relatively new type of ransomware, has been decrypted once again. This may only be a temporary reprieve, though.

Security Experts Trump Jigsaw Ransomware Again

The sheer amount of different Bitcoin ransomware types keeps security researchers on their toes around the clock. In the case of Jigsaw, however, that battle seems to be going a bit smoother. For the second time in its four-month existence, the ransomware has been decrypted. Infected users will not have to pay a Bitcoin fee to restore file access. That is, unless the creators come up with a new version in the coming months.

What makes the Jigsaw ransomware so notorious is not its technical prowess, but rather the way it behaves. Infected devices will display an eerie image of the Saw movie franchise. Moreover, this malware threatens users by presenting a countdown timer for the Bitcoin payment. If these demands aren’t met, thousands of files will be deleted every hour. Restarting the computer won’t help much either, as that would result in file deletion as well.

So far, there have been multiple decryption tools which can eliminate the Jigsaw threat. Despite the successes by security researchers, Jigsaw remains persistent in its attempt to collect bitcoins from infected computer users. Now that security researchers decrypted the “tool” used to check if payments were made, by passing the infection is a trivial matter.

All it took was replacing the Bitcoin address used when the ransomware makes a “check account balance” query. This is a rather easy bypass, and something the Jigsaw developers should have taken into account. After all, if they can cobble together ransomware, they certainly can eliminate the option to mess with the variables.

It remains unknown what will happen with the Jigsaw ransomware moving forward. The creators do not seem bothered by the fact their tool can be decrypted with relative ease. Most victims will gladly pay the US$150 Bitcoin fee to restore file access. Moreover, this temporary victory may trigger the developers to step up their game once again.

Image credit 1

If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.