this post was submitted on 29 Jan 2026
24 points (96.2% liked)
Programming Horror
2299 readers
2 users here now
Welcome to Programming Horror!
This is a place to share strange or terrible code you come across.
For more general memes about programming there's also Programmer Humor.
Looking for mods. If youre interested in moderating the community feel free to dm @Ategon@programming.dev
Rules
- Keep content in english
- No advertisements (this includes both code in advertisements and advertisement in posts)
- No generated code (a person has to have made it)
Credits
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Paying is never a guarantee, and if you pay a ransom, you're always at the discretion and risk of the attacker.
The only thing this changes is that if you know the specific software that encrypted and if it's known publicly that it can not decrypt and if you know about that is that you know paying won't allow for decryption.
It's the same for paying so they don't disclose and share exfiltrated data. They're already doing illegal immoral activities, and you're hoping they will follow your agreement when you pay. But there's no guarantee.
This is why the general public guidance is to never pay ransoms. It supports those industries, gives you no guarantees on fulfillment, and whether fulfillment occurs or not, whether your money was not only wasted but will be used for further damage elsewhere, can be considered entirely random.
The attacker's goal is always betting on despair of the victim, on their grasping on even minuscule hope and at great expense.
Corporations pay ransoms constantly. Weekly, maybe daily. And they largely get their files back. I don't believe you have any knowledge of companies handling ransomware.