Homebrew fixes Cask repo GitHub Actions bug that would have let anyone sneak malicious code onto machines

The Homebrew package manager for macOS and Linux has fixed an issue that could have been exploited by miscreants to run malicious code on people's computers. Specifically, the project's GitHub Actions setup could have been abused to sneak arbitrary Ruby code into its Cask repositories, security researcher RyotaK discovered …

  1. Claptrap314 Silver badge

    Adjust the law a bit

    Just take this, and expand:

    https://www.faegredrinker.com/en/insights/publications/2020/10/ransomware-payments-may-violate-sanctions-laws-us-treasury-department-warns

    1. Michael Wojcik Silver badge

      Re: Adjust the law a bit

      That wouldn't significantly decrease the ransomware infection rate.

      The economics are all wrong. Creating ransomware is inexpensive and has non-tangible returns such as intellectual curiosity and bragging rights. Deploying ransomware is nearly free; it's largely done by botnets and other automated systems. The success rate for ransomware attacks can be very, very low and still produce a positive return on investment.

      Some victims will bypass any legal constraints in order to pay. Legal liability is a future risk; lack of access to data is a present risk. People overestimate present risks and underestimate future risks – that's why we continue to see stupid crimes with poor rate-of-return (such as bank robbery) being committed.

      Consequently, attempts to cut off payment will not have much effect on ransomware attacks. They'll be no more effective than the War on Drugs (or, worse, the idiotic "War on Terror").
