While Bitcoin (and its competitors/peers, potentially, I suppose) have obvious advantages for the extortionist, we’ve seen a curious shift towards other forms of ransom payment recently. I described in Music-Loving Android.Locker Ransomware malware that demands payment in iTunes gift cards, while Lawrence Abrams for Bleeping Computer reports on something called TrueCrypter that demands payment either as 0.2 bitcoins or as $115 in Amazon gift cards: TrueCrypter Ransomware accepts payment in Bitcoins or Amazon Gift Card.
He also mentions an unnamed Android screen locker that also demands Amazon gift cards. He observes:
This is an odd choice of a ransom payment as the Amazon Gift Card funds can easily be tracked by Amazon. This, and the fact that the payment confirmation system is broken, makes me believe that this program was made by an amateur rather than a seasoned malware developer.
He has a point, but I’m told there are forums where gift cards might be ‘laundered’ before they turn up in the virtual economy. Still, TrueCrypter looks very amateur for other reasons, too. Just clicking on the ‘Pay’ button decrypts your files. I suspect that won’t always be the case, though.