1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Fake "hack-back" offers are putting ransomware victims at further

    From TechnologyDaily@1337:1/100 to All on Wed Jan 10 17:30:06 2024
    Fake "hack-back" offers are putting ransomware victims at further risk

    Date:
    Wed, 10 Jan 2024 17:16:59 +0000

    Description:
    Fraudsters are now going after ransomware victims, offering to return stolen data for a price - but surprise surprise, it's a scam.

    FULL STORY ======================================================================

    Ransomware victims are being targeted by scammers looking to trick them out
    of even more of their hard-earned money, new research has claimed.

    A report from Arctic Wolf, which observed at least two such incidents where a person claiming to be an ethical hacker reached out to ransomware victims and offered to break into the ransomware operators infrastructure and permanently delete the stolen databases.

    In one such instance, the hacker asked for roughly $190,000 in cryptocurrency (up to five bitcoin). Even though the victims were approached by people with different aliases, the researchers believe its actually the same individual
    in both attempts. Too many coincidences

    In one case, the company fell prey to Royal ransomware, while in the other, Akira. In the first instance, the fraudster presented themselves as Ethical Side Group, and offered to return the data from the TommyLeaks gang, instead of the actual hackers - Royal. Whats more, the fraudster didnt seem to know that the negotiations between the victim and Royal were concluded back in 2022.

    In the second incident, a fraudster with an alias xanonymoux reached out to a victim firm, offering to delete the data from Akiras servers when, in
    reality, Akira never stole the data - just encrypted it on the victims endpoints.

    Finally, Arctic Wolf saw that during the initial communication, in both instances, ten common phrases were used. Both scammers used the same method
    to prove they had access to the stolen data. All of this led them to believe that this was, in fact, the same individual.

    Usually, when a ransomware operator targets a network, they not only encrypt the data, but also steal it and threaten to release it to the dark web,
    unless a payment is made. In fact, the data theft part is arguably more disruptive than the encryption part, as businesses have become better at restoring their systems from backups. A data leak, however, can cause irreparable damage. More from TechRadar Pro There's now a Linux version of this dangerous VMware ransomware Here's a list of the best firewalls around today These are the best endpoint security tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/fake-hack-back-offers-are-putting-ranso mware-victims-at-further-risk


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)