According to researchers, operators of a ransomware campaign are now looking to sell their collection of decryption keys for a set price.
On Wednesday, F-Secure revealed in a blog post that criminals using SynoLocker, malware named after a targeted product – network-attached storage (NAS) devices by Synology, appeared to be jumping ship to focus on other aims.
Last week, F-Secure detailed how SynoLocker used AES to encrypt users’ files so that attackers could later demand payment for data retrieval. But a new message on the SynoLocker website revealed that the operators were looking to sell over 5,500 unclaimed private keys for 200 bitcoins (over $100,000).
F-Secure warned, however, that it remains to be seen “whether the operator(s) follow through with their plans,” or how the sale might impact victims, the blog post said.