A law firm in Charlotte, North Carolina, has admitted falling victim to a cyberattack that leveraged the notorious piece of ransomware called CryptoLocker.
According to WSOCTV, the attackers infected one of the company’s servers after sending out a fake voicemail notification that had the malware attached to it.
After the law firm’s IT department failed to recover the files, it agreed to pay the $300 (€220) to get them back. However, at that point, it was already too late.
The company’s representatives say they’ve lost access to thousands of legal documents, but no confidential information appears to have been stolen.
Experts recommend against paying the ransom money, but many organizations, particularly small businesses, have often given in to the extortionists. A police department in the US has admitted paying $750 (€555) to recover the files.
CryptoLocker victims are instructed to pay the ransom in 72 hours. After that, they can still recover their files by using a specialized service, but the amount of money they have to pay is much higher.