[UweSchmidt]

Wow, is the world drowning in cynicism? I want a service that breaks the ransomware encryption and researches into that direction to ultimately make the incredibly hurtful extortion of vulnerable computer users not viable. To me these companies are criminals if they facilitate the extortion.

[teekert]

Exactly at this point the "decrypter" companies are just partners of the cyber-criminals, they have the same incentives, share the same profits and both are unethical.

[lozenge]

Not quite the same incentive - one needs to stay anonymous as they are breaking the law, and the other is legal and can operate in plain sight.

[teekert]

It's legal to lie about paying the extortioners?

[Scoundreller]

At worst, it’s breach of contract. At best, it makes the accounting and legal checks on your supplier very easy.

$10k to Bob’s IT consultancy within the same state is a lot easier than $10k that ultimately leads to a country that may be embargoed.

[usrusr]

> easier than $10k that ultimately leads to a country that may be embargoed

In which case the middleman/coconspirator would add one more, completely unrelated crime to their list.

[failrate]

Those aren't incentives, those are just operational parameters.

The incentive in both cases is money, specifically from people who feel vulnerable enough to pay but not so vulnerable that they give up hope.

[peteradio]

front-end vs back-end

sales vs engineering

triage vs diagnostics

collections vs billing

Sounds like a complete service being offered by two separate legal entities with the purpose to evade.

[lozenge]

Most ransomware is using standard public key cryptography, there is no chance of breaking it. If it is broken, only the intelligence agencies would know. They wouldn't use this weapon on something so trivial.

[cyphar]

In that case companies shouldn't be advertising services they cannot provide without facilitating crime (especially since they lie and tell their customers they aren't paying the criminals). Smells an awful lot like fraud, if not an outright criminal conspiracy given they are skimming the proceeds of a crime.

[EthanHeilman]

Lots of ransomware is very poorly written. There have been a number of ransomware cases in which people were able to recover the keys.

[rini17]

There is indeed such a service, it's called "versioned remote backup". As long as the ransomware is not specifically targeting the backup client in order to damage the backed-up files, you just reinstall and restore.