IObit forum hacked, attackers ask to be paid only in DERO, why?

[karm_]

During the weekend the iobit forum was hacked and I received an email from the official iobit address inviting me to download the premium version of their software as it would be free for all members for 1 year.
Everything seemed legit until once the installation started I understood that this was a ransomware and nearly all my files in that pc have been encrypted.
It was a complex attack engineered so well that even those with a good sense of security practices fell for it. A good explanation of the attack can be found here

https://www.bleepingcomputer.com/news/security/iobit-forums-hacked-to-spread-ransomware-to-its-members/

The forum is still offline after more than 24 hours, for now after contactig the support the only thing I was advised is to do nothing if possible until the nature of the attack is more clear. I installed it in an old laptop which I hardly ever use so I can wait but that's not much of a consolation.

The strangest thing about this whole story is that these hackers specifically asked to be paid only with a privacy coin called DERO, which I've seen to be virtually unknown for now. I wonder why not choose a more common and easy-to-buy coin like monero? Do they know something about it?
They seem so convinced that its price will go up that they promise (if you pay the ransom of 200 dero) to return the equivalent of $500 back when dero will be worth $ 100/coin. Obviously they're probably just trolling but I wonder why doing all that work and risking so much to ask for such a small cap coin? Are they trying to drive up it's price? They also publicly plead to blame iobit for the attack and ask to pressure them to pay the ransom of 100k dero, after that, they would unlock all the devices. Do you think a company like iobit could ever think of paying the ransom? I checked quickly and to buy 100k dero they would need 5-6 btc (about 200k dollar) but the price of the coin would make at least x4. I have no idea if that amount is affordable for them but although I doubt they will pay they certainly suffered severe reputational damage (already low) with this attack.
If this is the first attack of this type I wonder if in the future there will be others and if they will always ask for dero as a ransom do you think the value of this coin could go up a lot?

All the story is pretty strange, if somebody here have some theories I'd be curious.

[Sterbens]

If this is the first attack of this type I wonder if in the future there will be others and if they will always ask for dero as a ransom do you think the value of this coin could go up a lot?

I don't think this really guarantees price movements in any market that only has a volume of $ 40,571, and even then only operates in one market (at the moment). Instead, I was wondering why not asking for bitcoin payments? isn't the value much higher? Of course this will trigger a big problem where the thieves have other motives besides hacking into the iobit system.

[karm_]

If this is the first attack of this type I wonder if in the future there will be others and if they will always ask for dero as a ransom do you think the value of this coin could go up a lot?

https://i.ibb.co/k3LRZxz/image.png

I don't think this really guarantees price movements in any market that only has a volume of $ 40,571, and even then only operates in one market (at the moment). Instead, I was wondering why not asking for bitcoin payments? isn't the value much higher? Of course this will trigger a big problem where the thieves have other motives besides hacking into the iobit system.

https://i.ibb.co/ykTkDyW/image.png

In the attached html pages the hackers advise to buy dero on tradeogre or kucoin, probably these are the only ones with real volume. Btw I think the fact that it has such a low volume is one of the reason why the price could move in the future if these attacks will be repeated.
I can agree they have maybe other motives and thats the strange part that I'd like to understand, usually in this kind of attack they ask for bitcoin or maybe monero.

[karm_]

A little update on this strange story: https://www.bleepingcomputer.com/news/security/ransomware-gang-taunts-iobit-with-repeated-forum-hacks/
Hackers blame IObit for not being able to restore their server after more than a week. They renew their request for 100k dero and threaten other attacks and leaks.
IObit hasn't made any official statements yet, quite scandalous in my opinion.

[jacafbiz]

This could be an inside job, maybe the hacker is sitting on bags of DERO tokens and saw an opportunity to hack the website so if he demands for DERO token in payment the hackee will need to go to exchange to go and bid for DERO tokens and the hacker will be the one selling his tokens to him. This do not make sense, because it seems something somewhere is fishing

[Febo]

IObit forum hacked

I would stay away from them. And reformat your computer right now. You can get a malware in their software and they steal your private keys when you will want to pay them or when you will want to buy this silly coins.

[Flowzer]

This could be an inside job, maybe the hacker is sitting on bags of DERO tokens and saw an opportunity to hack the website so if he demands for DERO token in payment the hackee will need to go to exchange to go and bid for DERO tokens and the hacker will be the one selling his tokens to him. This do not make sense, because it seems something somewhere is fishing

Its logic and possible move which hacker takes. I dont see DERO have any privacy feature to hide the track of its move, so maybe the plan is they sold all of their DERO on exchange, buy some privacy coin and getting lost as fast as possible before the exchange block their account.

[karm_]

This could be an inside job, maybe the hacker is sitting on bags of DERO tokens and saw an opportunity to hack the website so if he demands for DERO token in payment the hackee will need to go to exchange to go and bid for DERO tokens and the hacker will be the one selling his tokens to him. This do not make sense, because it seems something somewhere is fishing

Its logic and possible move which hacker takes. I dont see DERO have any privacy feature to hide the track of its move, so maybe the plan is they sold all of their DERO on exchange, buy some privacy coin and getting lost as fast as possible before the exchange block their account.

As far as I have seen dero is a privacy coin that derives from monero but has been rewritten from 0 so it should be as anonymous as that, it is however strange that they have chosen to request dero rather than monero anyway since it is much easier to buy and widespread.

[longyenthanh]

This could be an inside job, maybe the hacker is sitting on bags of DERO tokens and saw an opportunity to hack the website so if he demands for DERO token in payment the hackee will need to go to exchange to go and bid for DERO tokens and the hacker will be the one selling his tokens to him. This do not make sense, because it seems something somewhere is fishing

Its logic and possible move which hacker takes. I dont see DERO have any privacy feature to hide the track of its move, so maybe the plan is they sold all of their DERO on exchange, buy some privacy coin and getting lost as fast as possible before the exchange block their account.

As far as I have seen dero is a privacy coin that derives from monero but has been rewritten from 0 so it should be as anonymous as that, it is however strange that they have chosen to request dero rather than monero anyway since it is much easier to buy and widespread.

Also, the most likely scenario seems to me to be that the hacker is fully packed in DERO.
Another thing may be that DERO is completely random and the attacker had completely different intentions and it is only a distraction from the true intentions of the hacker.
We almost certainly don't know something yet, which is why IObit doesn't make an official statement.

[karm_]

Ok guys maybe no one cares but I think an update on the situation is a must.

1 month passed since the hack and iobit forum is still offline
The price of dero in dollars since I made this thread has doubled but I don't think it is because of the purchases by IOBIT, very similar movements can be seen in other coins as well.. Who knows?

No official statement from the "antivirus" company yet