The gang that operates the Ziggy ransomware did not get rich from the crime but announced that it will abandon the ransomware ‘business’. When deciding to ‘retire’, the cybercriminals also announced that they will return the amounts received as a ransom for the attacks they did. With the redemptions, they bought bitcoins that are now worth twice as much as they received. In other words, they will return half of the balance in bitcoins and yet they may still have a lot of money.
The announcement was made in early February and now cybercriminals say they are ready to return their victims’ money. Whoever paid ransom to Ziggy just needs to send an email with the proof of payment calculated in bitcoin and the identification of the computer. In about two weeks, the money will be returned to the bitcoin wallet used to pay the ransom, said the BleepingComputer portal, which spoke with the Ziggy administrator.
The Ziggy operators’ decision came shortly after other malware operators were caught by the police. On February 7, Ziggy published 922 decryption keys, which, when combined with the keys in an accompanying SQL file, unlock the victims’ files. Ziggy also shared the files with ransomware expert Michael Gillespie, who made a free Ziggy decryption tool for victims to unlock their files.
On February 7, the day that Ziggy released the decryption keys, Bitcoin’s exchange rate was around $ 39,000; a few days later, Bitcoin’s value soared to $ 61,000. This difference in value gives Ziggy a small profit. A few days before Ziggy said he was ending the process, an administrator at the ransomware-as-a-service group Fonix said they had also “come to the conclusion that we should use our skills in positive ways to help others.”
With international news agencies