Cybercrime: Ransomware

Ransomware has customer service, and it can be excellent.

http://www.npr.org/2017/05/16/528570753/cyberattack-culprits-demand-ransom-be-paid-in-bitcoins

more at link
-----------------------------------------
MARTIN: So, of course, hackers want their money, so they want to make this easier. They're actually offering customer support. They send you links to bitcoin tutorials. They even have chat rooms where a member of the hacking group can help you out.

Sullivan's company wanted to test just how good the customer service was, so they had someone who's not a computer expert download five viruses and then ask the hackers for help paying ransom.

SULLIVAN: We got very personalized support via email to very - somewhat personal via forms, to some ignored us completely. We could figure it out. We could figure it out. If we didn't, they didn't care.

GREENE: And the hackers were very understanding. Apparently, they would be willing to extend the ransom deadline. And Sullivan says that when the customer service was good, I mean, it was really good.

SULLIVAN: There's even been some anecdotal cases of ransomers actually remote controlling the victim's computers in order to help them run the decryption tool because the victim's having trouble running the tool.
 
I've also wondered about this but have nothing to back up my suspicions. Would he have drawn such attention to himself if he had previously engaged in such nefarious activities though?
 
Do you have some information to suggest he's innocent?
I wonder whether a request for help was made for the ransom-ware problem, in the hope that someone might well not be able to resist coming forward. It's far easier to see if a 'target' has done something wrong than to track down the person from scratch, I'd have thought.
 
I wonder whether a request for help was made for the ransom-ware problem, in the hope that someone might well not be able to resist coming forward. It's far easier to see if a 'target' has done something wrong than to track down the person from scratch, I'd have thought.

The Guardian report is that he is suspected of involvement in a banking hack last year. There does not as yet seem to be any suggestion that he was responsible for the WannaCry attack itself.
 
That Guardian article is also somewhat sloppy with its nomenclature, using URL when they mean domain name for instance.
 
From our Endless Adaptation Of Criminal Opportunism desk ...
Ransomware attacks up since start of COVID-19 crisis, study finds

Ransomware attacks have become more rampant as workers and businesses have been under orders to stay home during the coronavirus pandemic, a new study showed Wednesday.

Datrium, a Silicon Valley-based provider of computer security services, said a survey of more than 300 information technology professionals from large firms found that nearly 70 percent have experienced ransomware attacks since the start of the crisis that cost their companies between $100,000 and $500,000. Nearly one in five reported a cost exceeding a half-million dollars.

Ransomware hackers seize victims' keyboards or computers until a ransom is paid, typically in cryptocurrency.

Wednesday's survey also said 96 percent said their companies have become increasingly concerned about being targeted during the COVID-19 pandemic.

Datrium CEO Tim Page said the "pervasiveness of remote work" is making more companies vulnerable to cybercrime.

"This research shows that businesses are even more concerned about it because of their newly distributed workforces resulting from the COVID-19 pandemic," he said.

The survey results echo a warning last week from Microsoft, which said ransomware attacks are "unrelenting" at a time when remote work is more widespread and necessary. It said hackers are targeting healthcare and critical industries, in particular.

Microsoft warned that hackers are gaining access by exploiting security weaknesses in virtual office networks.

SOURCE: https://www.upi.com/Top_News/US/202...of-COVID-19-crisis-study-finds/9951588771542/
 
Anyone using a Garmin to record all their details it looks like they have been hit with a massive Ransomware attack!
 
Anyone using a Garmin to record all their details it looks like they have been hit with a massive Ransomware attack!

Yup, Techy noticed this earlier. He reckons ransomware is a safer situation than a straightforward data theft.
 
Yup, Techy noticed this earlier. He reckons ransomware is a safer situation than a straightforward data theft.
Agreed, as if they have the data they will know how much I weigh and all the GPS data for people's activities, i.e. where they start and stop, usually at home!
 
Gosh, we can't have people knowing that we've gone to the shops or a beauty spot.
Worth paying a ransom for... all of 1p!
 
Anyone using a Garmin to record all their details it looks like they have been hit with a massive Ransomware attack!

I've gone off Garmin - I don't need the level of info anymore. Wahoo HR arm monitor for me - It's very accurate, (I've tested it).
 
Gosh, we can't have people knowing that we've gone to the shops or a beauty spot.
Worth paying a ransom for... all of 1p!
That data is actually extremely valuable. It is why marketing companies buy and sell our info unless we specifically ask them not to and why websites set cookies. Given some of the metrics some of these devices can measure, you can know pretty much everything about a person, how quickly they might be wearing down their trainers/bike tyres, which shops they are going near, what sort of weather they are encountering when they are out and even what time they go to bed and how well they sleep when they get there. It's a goldmine.
 
Woman becomes first healthcare cyberattack death.

A woman in Germany has become the first healthcare cyberattack death after a hospital was unable to admit her because its systems had been the target of an attack.

German prosecutors opened a homicide investigation on Friday into the incident which happened in the western city of Dusseldorf in September.

The University Clinic in Dusseldorf, capital of Germany's most populous state of North Rhine-Westphalia, was hit by a ransomware attack on September 10 that penetrated its systems via a flaw in a Citrix VPN system.

The female patient, suffering from a life-threatening illness, had to be turned away on the night of September 11, and died after the ambulance carrying her was diverted to Wuppertal, 30 kilometres (20 miles) away.

Prosecutor Christoph Hebbecker, head of the cybercrime unit in Cologne, said he had opened an investigation into negligent homicide against unknown persons, the Kolner-Stadtanzeiger daily reported.

The hospital's IT operations remain affected and it is still unable to admit patients brought in by ambulance, it said on Friday.

Ciaran Martin, who stepped down as the head of Britain's National Cyber Security Centre this month, said the incident could prove to be the first death caused by a cyberattack.

'If confirmed, this tragedy would be the first case I know of, anywhere in the world, where the death of a human life can be linked in any way to a cyberattack.'

https://www.dailymail.co.uk/news/ar...ath-German-hospital-turn-woman-away-hack.html

maximus otter
 
An Illinois college has announced it is closing its doors because the disruptions from a ransomware attack crippled its operations to the point it cannot continue.
A US college is shutting down for good following a ransomware attack

Lincoln College says it will close this week in the wake of a ransomware attack that took months to resolve. While the impact of COVID-19 severely impacted activities such as recruitment and fundraising, the cyberattack seems to have been the tipping point for the Illinois institution.

The college has informed the Illinois Department of Higher Education and Higher Learning Commission that it will permanently close as of May 13th. As NBC News notes, it's the first US college or university to shut down in part because of a ransomware attack.

Lincoln says it had "record-breaking student enrollment" in fall 2019. However, the pandemic caused a sizable fall in enrollment with some students opting to defer college or take a leave of absence. The college — one of only a few rural schools to qualify as a predominantly Black institution under the Department of Education — said those affected its financial standing.

Last December, Lincoln was hit by a cyberattack, which "thwarted admissions activities and hindered access to all institutional data, creating an unclear picture of fall 2022 enrollment. All systems required for recruitment, retention and fundraising efforts were inoperable," the college said in a statement posted on its homepage. "Fortunately, no personal identifying information was exposed. Once fully restored in March 2022, the projections displayed significant enrollment shortfalls, requiring a transformational donation or partnership to sustain Lincoln College beyond the current semester."

Barring a last-minute respite, the one-two punch of the pandemic and a cyberattack have brought an end to a 157-year-old institution. ...
FULL STORY: https://www.engadget.com/lincoln-college-ransomware-attack-shut-down-covid-19-164917483.html
 
An international ransomware gang that's hit hundreds of victims in recent years now claims it has the goal of overthrowing its latest target - the government of Costa Rica.
Ransomware gang threatens to overthrow Costa Rica government

A ransomware gang that infiltrated some Costa Rican government computer systems has upped its threat, saying its goal is now to overthrow the government.

Perhaps seizing on the fact that President Rodrigo Chaves had only been in office for a week, the Russian-speaking Conti gang tried to increase the pressure to pay a ransom by raising its demand to $20 million.

Chaves suggested Monday in a news conference that the attack was coming from inside as well as outside Costa Rica. ...

Conti attacked Costa Rica in April, accessing multiple critical systems in the Finance Ministry, including customs and tax collection. Other government systems were also affected and a month later not all are fully functioning.

Chaves declared a state of emergency over the attack as soon as he was sworn in last week. ...

The attack has encrypted government data and the gang said Saturday that if the ransom wasn’t paid in one week, it would delete the decryption keys. ...
FULL STORY: https://apnews.com/article/technolo...ibbean-gangs-381efc2320abb5356dee7f356e55e608
 