Ransomware owner offers Christmas discount to get files back

In a blog from Roland Dela Paz, Forcepoint has revealed Cryptxxx Ransomware is offering victims a holiday discount. Hackers were asking for a payment of 1.2 Bitcoin to unlock machines. They have now announced that they will accept, only until New Year’s Eve, a reduced payment of 0.5 Bitcoin per machine.

Bitcoin is currently undergoing a surge in value. As of the 26th December, the headline price was over $900. This means that instead of finding $1,080 to unlock their computers, victims only have to pay $450. For both consumers and businesses hit over the holiday period this is a substantial saving.

Christmas presents are a risk to corporate security

The amnesty will end far too early for many businesses. As they return to work in January their cyber risk will surge. This is due to the number of new devices users received for Christmas and are likely to bring into the office. Employees will be tempted to connect them to the company network to show them off to work colleagues.

The problem is that many of these devices will have little in the way of real security. Where the devices do have configurable security it is likely that most will enter the workplace unsecured or at best poorly secured. January will see a lot of IT departments struggling to identify these devices and limit their access to the company network. Even those companies with policies on connecting new BYOD devices are likely to face a serious challenge.

All of this is likely to make January a profitable time for cyber criminals. There are already warnings from many security vendors that 2017 will see a surge in cyber attacks. Those attacks are likely to begin on January 1st with ransomware top of the malware list. The rise in the price of Bitcoin will boost the efforts of malware owners to infect computers as they look to cash in. Companies will have to decide on either buying stocks of Bitcoin or hope the price drops and they can buy cheaper on the day.


Cyber criminals masquerading as Santa Claus with a festive giveaway is a cyber horror show. Companies should take advantage of the holiday period to scan all their computers and prepare for the January madness. If an infection is found taking advantage of this giveaway is important. It is unlikely that cyber criminals will make another offer until the Easter Bunny comes calling.


  1. […] has been so successful in 2016 that the owners of the CryptXXX ransomware offered a seasonal discount to those affected. An unexpected side-effect of the success of ransomware has been a surge in the price of Bitcoin. […]


Please enter your comment!
Please enter your name here