An article from VPN Creative reports that some municipal councils across Italy have fallen victim to a variant of CryptoLocker called TorrentLocker. The ransomware demands a bitcoin payment equivalent to 400 Euros, which doubles in three days if payment is not received.
Having copied the email address book of a local council office, the software targets office workers by mailing an attachment named compenso.pdf.exe. Given some of the office workers deal with receivables, they are then duped into opening the attachment, which encrypts all photos, *.pdf files and Microsoft Office documents.
Unlike CryptoLocker, TorrentLocker doesn't lock the operating system and the computer remains usable. Users are prompted to purchase software to decode the encrypted files and should they run into difficulty, the ransomware operator provides customer service and assistance.
A TorrentLocker decrypter, which is available for free online, claims to have figured out how to decrypt the encrypted files so that users need not pay a ransom in order to get access to their files. Amusingly, it's not difficult to foresee a future in which ransomware writers create free decrypters for ransomware authored by others so that they can re-encrypt the files and claim the ransom for themselves.
Source – https://vpncreative.net/2014/10/26/italian-councils-paralyzed-bitcoin-ransomware-virus/ http://www.corriere.it/tecnologia/economia-digitale/14_ottobre_20/phishing-comuni-hacker-bitcoin-ricatto-c457694c-5831-11e4-9d12-161d65536dad.shtml