[2018-11-13] Hackers Demand $6.3 Million in Bitcoin From Malaysian Media Giant

[cybersofts]

Ransomware creators have attacked Malaysian media giant Media Prima Bhd and are demanding bitcoins before they can allow access to the company’s compromised computer systems.

According to The Edge Markets, which initially broke the news, the hackers struck on November 8 consequently denying the company’s employees access to the email system. The hackers are now demanding 1,000 bitcoins, translating to approximately US$6.3 million at current market prices, to reauthorize access.

Media Prima did not, however, confirm the attack though sources indicated that the publicly listed company would not be paying the ransom. Sources also told The Edge Markets that with access to the office email denied, the media giant had migrated to G Suite, a Google product hosted offsite.

It was also not immediately clear whether the company which owns four TV stations, four radio stations and three national newspapers among other media assets had lodged a complaint with the police.

Lucrative Business
While extortionists have been targeting individuals in the recent past especially by threatening to reveal the porn-viewing habits of their victims, it has generally been more lucrative to target businesses. According to a report by cybersecurity firm Sophos, the SamSam ransomware, which has mostly targeted business enterprises and public bodies, has, for instance, generated its creators bitcoin worth more than US$6 million since it emerged three years ago.

    SamSam Ransomware Makers Rake in $6 Million in Bitcoin: Research https://t.co/4QpLROcvRS

    — CCN (@CryptoCoinsNews) August 2, 2018

Some of the high-profile victims of ransomware attacks in the recent past have included the Port of San Diego. While the Californian port did not reveal the amount that the hackers demanded, it was serious enough that it got the U.S. Federal Bureau of Investigations, the U.S. Department of Homeland Security and the U.S. Coast Guard involved.

“As previously stated, the investigation has detected that ransomware was used in this attack. The Port can also now confirm that the ransom note requested payment in Bitcoin, although the amount that was requested is not being disclosed,” a statement from the Port of San Diego read, as CCN reported at the time.

Can’t Pay, Won’t Pay
Another high-profile target of ransomware in the recent past was the Professional Golfers Association (PGA) of America. In this case, the hackers encrypted critical files denying access to them just as the golfing body was holding a PGA Championship event as well as preparing for the Ryder Cup.

    Hackers Breach PGA Servers Ahead of Golf Championship, Demand Bitcoin https://t.co/q1j9pJ1n3u

    — CCN (@CryptoCoinsNews) August 10, 2018

The compromised files consisted mostly of marketing and promotional materials, some of which had been under development for more than 12 months. And just like in the case of Media Prima Bhd, the PGA of America declined to pay the hackers the ransom demanded.


Source: https://www.ccn.com/hackers-demand-6-3-million-in-bitcoin-from-malaysian-media-giant/

[1714976419]

1714976419

[1714976419]

1714976419

[1714976419]

1714976419

[Harlot]

I think that since last year ransomware has been attacking big businesses already as this is where the big money is. But the problem here is paying up is never really an option as the computers are already compromised by the malware itself. Once they paid there is no guarantee that there will be no upcoming attacks to their company, they might even be the next likely target again as they have paid up the some they are asking for. I don't know how victimized  companies handle this situation but they really have a few (costly) options to consider.

[hatshepsut93]

I think that since last year ransomware has been attacking big businesses already as this is where the big money is. But the problem here is paying up is never really an option as the computers are already compromised by the malware itself. Once they paid there is no guarantee that there will be no upcoming attacks to their company, they might even be the next likely target again as they have paid up the some they are asking for. I don't know how victimized  companies handle this situation but they really have a few (costly) options to consider.

On top of that, refusing to pay discourages the future attack, because hackers will now think twice before deciding to spend their time preparing an attack that might not pay off. And every company out there should invest in cybersecurity, because if they don't, it's only a matter of time till they get hacked, and the damage will be way higher than the costs of preventing it.

[milewilda]

I think that since last year ransomware has been attacking big businesses already as this is where the big money is. But the problem here is paying up is never really an option as the computers are already compromised by the malware itself. Once they paid there is no guarantee that there will be no upcoming attacks to their company, they might even be the next likely target again as they have paid up the some they are asking for. I don't know how victimized  companies handle this situation but they really have a few (costly) options to consider.

On top of that, refusing to pay discourages the future attack, because hackers will now think twice before deciding to spend their time preparing an attack that might not pay off. And every company out there should invest in cybersecurity, because if they don't, it's only a matter of time till they get hacked, and the damage will be way higher than the costs of preventing it.

It should really be maintained and well updated so that attacks wont really be easy to penetrate but most of them will just ignore that basic thing.They would only realize that security is important if they do
already experience problems like this one.If said company didnt tend to pay up the ransom then most of the case they are confident enough that they can handle out the situation rather than paying up $6M.
Agree on the thing said above where theres no guarantee that if they would pay the ransom there would be no next attack.

[Thekool1s]

I doubt this will demotivate the hackers. I mean it was an email server which they got hold of nothing which could have been a national threat. 6.7$ million dollars was a stupendous amount to ask iyam. They weren't really smart about their act. Also, I don't get this, why do these hackers want to get paid in BTC. I mean it isn't truly anonymous, it can be tracked. Why not ask for the ransom in something like monero for total anonymity? I mean they are smart enough to hack these corporations but they aren't smart enough to use a totally anonymous currency...  

I get a feeling from these hacks that they all are false flag designed to give bad press to bitcoin.

[LeGaulois]

@Thekool1s
Because it's a pain to pay using Bitcoin already for someone who never heard of previously, the hacker is just trying to make it easier to pay. They usually have a delay before paying. He knows about the pseudo-privacy with Bitcoin but he also knows how to make the bitcoins clean again.
When a company is targeted with by a ransomware, a lot of them hire the first IT agency they find. (Which often tell them to pay the amount asked if the files are so crucial)

[1Referee]

Why not ask for the ransom in something like monero for total anonymity? I mean they are smart enough to hack these corporations but they aren't smart enough to use a totally anonymous currency...  

I get a feeling from these hacks that they all are false flag designed to give bad press to bitcoin.

It could very well be, but in some cases hackers aren't much different from average joes thinking that Bitcoin is an anonymous currency that can't be traced.

I remember how even drug dealers were traced and arrested because they sold the coins to a local exchanging service they were fully verified at. It's almost impossible for us to understand how stupid people can be, but some of them really think they are safe because of Bitcoin's "anonymous" nature.

Because it's a pain to pay using Bitcoin already for someone who never heard of previously, the hacker is just trying to make it easier to pay. They usually have a delay before paying. He knows about the pseudo-privacy with Bitcoin but he also knows how to make the bitcoins clean again.
When a company is targeted with by a ransomware, a lot of them hire the first IT agency they find. (Which often tell them to pay the amount asked if the files are so crucial)

It's not 2013 anymore. Most exchanges allow people to buy a wide variety of coins just as easily as they can buy Bitcoin, where people can simply use the address provided by the criminals to have the funds sent to.

[Thekool1s]

It could very well be, but in some cases hackers aren't much different from average joes thinking that Bitcoin is an anonymous currency that can't be traced.

I mean they are hacking million dollar corporations, They have to be smart enough to cover their tracks, as it usually requires social engineering too. I mean a quick google search reveals the true nature of bitcoin. I just can't swallow the fact that these smart hackers are really that dumb.

It's almost impossible for us to understand how stupid people can be

But stupid people mostly don't code or have the resources to socially engineer their attacks. You can't compare Drug Dealers with Hackers, they both lie on opposite sides of the spectrum.

@LeGaulois Just like @1Referee mentioned, It ain't 2013 anymore. A quick google search can reveal how to get hands on any currency. There are tons of tutorials out there who even a 10-year-old can follow.

[BitHodler]

I get a feeling from these hacks that they all are false flag designed to give bad press to bitcoin.

Wouldn't really surprise me to be honest. Both banks and news outlets have a bias towards bad publicity. Banks want to give Bitcoin a bad name, where news outlets are money hungry entities looking to bank on drama.

It could even be the government itself. The central bank of Poland once paid social media stars to discredit Bitcoin and crypto currencies by highlighting how dangerous and risky they are as an asset.

It's pretty easy to make up something and ask for ridiculous amounts of Bitcoin, where the higher the amount is, the more attention you'll get. I never take any of these articles for face value, neither should others do.

[Thekool1s]

@bithodler yeah I won't be surprised either. I mean a dude like him https://www.ccn.com/bitcoin-is-the-evil-spawn-of-the-financial-crisis-european-central-bank-board-member/

could easily hire people to fake stuff. With the right amount of backing anything is possible iyam.

[buwaytress]

Can't remember where I read it (tried to search to share the link) but there was an investigative report by one of the smaller media companies suggesting that while most of these corporate victims publicly declare that they refuse to pay up these ransoms, behind the scenes they actually do. They employ intermediaries to negotiate with the hackers, usually to agree to pay only with anonymous and quiet settlements.

Apparently happens with a lot of kidnap cases too. Objective is to "discourage" further threats while still recovering their stuff.

White hat hackers should be able to reverse engineer most of those locked systems though, no?

[Thekool1s]

White hat hackers should be able to reverse engineer most of those locked systems though, no?

Most likely no, These files get encrypted. Unless these whitehat hackers can find encryption keys they can't do really much. Bruteforcing is an option but that requires time and a huge amount of resources to pull it off. Most of these ransonwares are time locked So Bruteforcing things out certainly isn't an option.

[YulianaP]

Why do they demand payment in BTC? BTC is traceable.

[KryptoKai]

I am also surprised that they are demanding. With those type of skills you would think they would know that bitcoin is traceable and that they should demand payment in ZCASH or MONERO instead. Perhaps they already have a bitcoin buyer ready to go

[jademaxxiss012]

This really prove that because of anonymity feature some may abuse the bitcoin system taking advantage of its anonymity feature. If this could be remove then probably it will be gone good now. Just can't figure out why they can't twist this feature into something that could prevented this abusive form of use of bitcoin.

[Dilerium90]

Do you have a feeling that these “attacks” on the catfish are actually initiated by the creators themselves, so that they can withdraw money under cover? This is a standard move. Very smart. I'm not saying that this is true, but ...

[1BTC EQUALS 1CAR]

Do you have a feeling that these “attacks” on the catfish are actually initiated by the creators themselves, so that they can withdraw money under cover? This is a standard move. Very smart. I'm not saying that this is true, but ...

No. It's a series of completely different incedents. Those companies aren't related to each other. I'm just glad that some of them refused to pay those hackers. They might have a backup file or they have a good cybersecurity experts that have known it could happen so they kept all the files in other storage device.

[jademaxxiss012]

It is not only Malaysian establishment, companies are being attack by the hackers. Even other states also and countries are experiencing this kind of activities from the hackers. I bet that the only solution for this is not to pay the ransom so that they will not going to find another reason to hack your company again.