Paying cybercriminals behind the global ransomware attack won’t unlock your files

Yesterday, the world was hit by a massive ransomware attack. The victims of the attack might think they regain access to their data when they pay the ransom but unfortunately for them, the email address used by the cybercriminals behind the attack is blocked by the provider. This means nobody can contact the criminals on how to get their data back.

Paying cybercriminals behind the global ransomware attack won't unlock your files

The ransomware attack uses EternalBlue, an exploit that was leaked in April by the Shadowbrokers hacker group after they stole it from the American National Security Agency (NSA).

The malware first hit in the Ukraine where it attacked banks, electric utilities and airports. After that, it spread to Western Europe where it hit several large companies. The malware hijacks the system and demands a ransom of $300 in Bitcoin.


Although the advice has always been not to pay cybercriminals, there are still desperate victims who decide to pay. But in case of this attack it’s totally useless,  the criminals behind the malware can no longer be contacted through the email address that is listed inside the malware.

“We do not tolerate the misuse of our platform: The immediate blocking of misused email accounts is the necessary approach by providers in such cases. Since midday it is no longer possible for the blackmailers to access the email account or send emails. Sending emails to the account is no longer possible either,” Posteo, the email provider, writes on their blog.