CoinJar makes it easy to convert funds to bitcoin. An unfortunate side effect is that we sometimes find ransomware websites recommend us as a way to source bitcoin.
CoinJar is not associated with those who produce and distribute this malware and we generally encourage you to consider all options before deciding to pay a ransom. While we do not seek to interfere with your bitcoin transactions, we want you to be informed of the risks associated with using CoinJar for ransomware payments.
What is ransomware?
Ransomware is any malicious program which restricts access to your computer and demands a ransom be paid in exchange for its restoration. Some ransomware encrypts your personal files, while other variants lock the user out of the machine altogether. Examples of ransomware include CryptoLocker, TorrentLocker, and CTB-Locker.
Computers can be infected with ransomware in the same manner as any other malware: by opening files from untrusted sources, clicking malicious links, or visiting untrusted websites. Most ransomware appears to target Windows computers.
Ransomware is a form of cybercrime, and paying the ransom may encourage those responsible to continue targeting others.
If you are signing up to CoinJar for the first time, it will be at least 48 hours before you have access to sufficient funds to pay most common ransom amounts. This is assuming you pass identity verification immediately and that bank transfer times are kept to a minimum. If you do not pass verification immediately please contact firstname.lastname@example.org and we will do our best to guide you through manual verification swiftly.
Due to the risk of fraud, we cannot expedite deposits if you do not have any deposit history with us.
You should consider these factors when considering using CoinJar to pay a ransom.
Transaction IDs (TXID)
Some ransomware will ask you to provide the transaction ID, also known as TXID, of your payment. We have a separate article, Finding a bitcoin transaction ID, which describes how to find this information if you decide to go ahead with the payment.
Bitcoin payments are instant and irreversible. CoinJar cannot cancel or reverse a bitcoin payment that you have made.
If you find the ransom payment is not successful in removing the ransomware you will have no recourse available to recoup the lost funds.
We hope that ransomware is not your first, or last, experience with bitcoin and trust the above information will help you make an informed decision about whether to proceed with payment or seek alternate options such as backup.
Customers have reported both success and failure in having the effects of ransomware reversed by paying a ransom. Some have reported total success (the ransomware is removed), others total failure (their device remains completely infected and they lose their funds), and others still have reported partial success with the ransomware going on to request further fees for full removal.
We encourage you to do your research and consider alternate options before committing to pay a ransom. Some customers have found their backups have worked as an alternate option to paying the ransom, taking some time but saving them large sums in ransoms. You should weigh up the risk based upon the data at stake.
If you choose to not pay the ransom, it may also be worth keeping a copy of the encrypted files in long-term storage. In rare cases security researchers have been able to find a way to unlock infected files (this occurred with an early version of CryptoLocker, and a variant called TeslaCrypt).
Updated: 18 Feb 2016 (AS)
Reviewed: 18 Feb 2016 (AS)