Ransomware Cyber Pirates strike again and rakes in more crypto!

[tread93]

I don't even need to drop a source you can read it all over the internet and see it all over the news, Shimano got hacked earlier this week, MGM casino/hotel group reccently, Boeing, so many others. Ransomware groups are very intruiging to me because they operate just like any normal business; they even have a telephone line and an email for support on paying them their ransome to decrypt your company's data. These groups ought to think they are so savvy, until the US sanctions office comes and knocks on their door! Which is honestly sort of unlikely to happen at this point as these ransomware groups are sheer experts with computing and seeking out vulernable corporate networks to pillage and muck up. The average ransom paid out varies but can range from a couple thousand dollars to millions of dollars. Its even more so interesting to me because since these attacks are so commonplace now, insurance companies and regulators are all making sufficient cyber security solutions a requirement such as having an EDR solution that meets regulations in place in order to get coverage, and operate their business legally. Oftentimes Incident Response or IR companies are hired to help them negotiate w/ the cyber pirates and pay them a ransom in BTC. Hackers surely have quite the attack surface these days, just make sure your coins and crypto are secure!

[1715005573]

1715005573

[1715005573]

1715005573

[1715005573]

1715005573

[hatshepsut93]

What people really don't want to talk about is that cryptocurrency enabled ransomwere, because it's a global and private payment method which is perfect for hackers to receive payments from victims. Bank transfers or PayPal are not global, they have security checks for large transactions, they can freeze accounts or transactions and accounts need to be registered with government id. Like it or not, ransomwere wouldn't be as prevalent as it is now if cryptocurrency didn't exist.

[mk4]

A trial by fire. I know this sucks for the businesses and their users, but this will cause these companies to actually take their cyber security a lot more seriously and stop being complacent as hell. At the very least — at least even the platforms now take some flack, rather than only the users.

[Kemarit]

I don't even need to drop a source you can read it all over the internet and see it all over the news, Shimano got hacked earlier this week, MGM casiono/hotel group reccently, Boeing, so many others. Ransomware groups are very intruiging to me because they operate just like any normal business; they even have a telephone line and an email for support on paying them their ransome to decrypt your company's data. These groups ought to think they are so savvy, until the US sanctions office comes and knocks on their door! Which is honestly sort of unlikely to happen at this point as these ransomware groups are sheer experts with computing and seeking out vulernable corporate networks to pillage and muck up. The average ransom paid out varies but can range from a couple thousand dollars to millions of dollars. Its even more so interesting to me because since these attacks are so commonplace now, insurance companies and regulators are all making sufficient cyber security solutions a requirement such as having an EDR solution that meets regulations in place in order to get coverage, and operate their business legally. Oftentimes Incident Response or IR companies are hired to help them negotiate w/ the cyber pirates and pay them a ransom in BTC. Hackers surely have quite the attack surface these days, just make sure your coins and crypto are secure!

Or at least make that one mistake when they try to mix coins using centralized platform. And then you have to think as to why the hell this supposedly hackers, a group of them making that one biggest mistakes that can take them down.

In any case, yes, everyone is vulnerable, there's even government attacks as well from them and then demanding ransom as if they are above the law. But with regards to the world that we live in, we really can't stress that enough. We need to educate ourselves on safe practices here, online and offline so that we will not be another statistics to the growing crypto enthusiast who lost it to this criminals.

[adaseb]

Are companies really affected by these randomsware attacks anymore? You would think unless it was some small mom and pop business most IT have a up to date backup.

Even 20 years ago when I worked for a company, they had simple backups with Windows OS, every hour, every day it would make a backup. Saved the company a few times.

[Silberman]

Are companies really affected by these randomsware attacks anymore? You would think unless it was some small mom and pop business most IT have a up to date backup.

Even 20 years ago when I worked for a company, they had simple backups with Windows OS, every hour, every day it would make a backup. Saved the company a few times.

When a company owner or a CEO are looking for ways to reduce costs they look at those backups as a waste of resources, so they simply cut down those costs, after all what is the worst it could happen? And that is when they become extremely vulnerable to a ransomware attack and then they have to pay way more to get back their data, with no way to be sure if the information they are receiving back is completely intact or if there is still malicious software being hidden anywhere in that data.

[Amphenomenon]

A trial by fire. I know this sucks for the businesses and their users, but this will cause these companies to actually take their cyber security a lot more seriously and stop being complacent as hell. At the very least — at least even the platforms now take some flack, rather than only the users.

Yes now I having more than a basic knowledge of cybersecurity may be among of the requirements for employment because we have seen/known how some systems are really secured but out of the negligence of the supervisor, the organisation still victims of hack. While also users should be careful because using a hardware wallet do not make your coins 100% safe from hacks, you have to be cautious and make it safe yourself by taking proper steps in doing so because hackers are not sleeping but constantly developing new innovative for their schemes and if we are uninformed we will be victimised.

[NotATether]

Are companies really affected by these randomsware attacks anymore? You would think unless it was some small mom and pop business most IT have a up to date backup.

Even 20 years ago when I worked for a company, they had simple backups with Windows OS, every hour, every day it would make a backup. Saved the company a few times.

When a company owner or a CEO are looking for ways to reduce costs they look at those backups as a waste of resources, so they simply cut down those costs, after all what is the worst it could happen? And that is when they become extremely vulnerable to a ransomware attack and then they have to pay way more to get back their data, with no way to be sure if the information they are receiving back is completely intact or if there is still malicious software being hidden anywhere in that data.

Dude, someone show tell them that storage is CHEAP.

An Amazon S3 backup of a hundred computers each with with about 30GB worth of hard hard disk data, every day (so 100TB) stored in Glacier storage costs only $100 dollars per month.

Even other cloud backup services have similar rates.

These hackers are telling people to pay millions, hundreds of thousands of dollars.

What's so difficult about spending a few thousand dollars over several years to make sure that you never have to worry about ransomware hackers?

[davis196]

The best way to deal with ransomware is to NEVER PAY THE RANSOM.
If the network gets hacked, the companies will have to rebuild it from scratch with backed up data(assuming that they are backing up their data). If they don't backup their data, this means that they are totally unprofessional and irresponsible when dealing with sensitive info.
Cryptocurrencies should not be blamed for the existence of ransomware. What if the hackers are asking for gift cards instead of crypto?
Does that mean that all companies issuing gift cards are guilty for the existence of ransomware? 

[pinggoki]

When a company owner or a CEO are looking for ways to reduce costs they look at those backups as a waste of resources, so they simply cut down those costs, after all what is the worst it could happen? And that is when they become extremely vulnerable to a ransomware attack and then they have to pay way more to get back their data, with no way to be sure if the information they are receiving back is completely intact or if there is still malicious software being hidden anywhere in that data.

These CEOs that you are talking about aren't cutting costs, they're more or less trying to cut corners so they can get more profit from the business, that's what they've been doing especially those that aren't tech oriented companies, they have low priority on cybersecurity so they end up becoming vulnerable to attacks and most of those attacks are the basic ones in the cybersecurity standard but with such a bad security for the company, they're easily taken down. Ransomwares won't do anything to the hostage data, they are like some kind of a car boot for your database where you can't do a thing about it until you've paid for it but they can't really steal the car but they can inconvenience you, that's how ransomware works I think or how I understand it works.

[Alphakilo]

What people really don't want to talk about is that cryptocurrency enabled ransomwere, because it's a global and private payment method which is perfect for hackers to receive payments from victims.

Bitcoin as well as other cryptos have made ransomware even more appealing to cyber criminals.The SEC can't track it as these hackers move and exchange cryptocurrency through a maze of accounts. These hackers even have web forums just like this with reputations and ranks and what not.

Like it or not, ransomwere wouldn't be as prevalent as it is now if cryptocurrency didn't exist.

But now that it is prevalent what could be a potential solution. Stronger regulation of cryptocurrency will not salvage this problem. Individual vigilance helps. So be careful what you click on we're basically leaving the door unlocked for these guys and then complaining when they rob us

[Husires]

These attacks may not be common in my country because hacking accounts does not give many returns, but companies must have good employees or at least deal with information-secure companies instead of paying these scammers who may access personal data and blackmail you with it.
Use a clean computer and do not download random applications if you want to avoid such viruses, and paying a few thousand dollars is not a small sum.

[CryptSafe]

This is why we need to take the safety and security of our assets seriously. Exchanges and other third parties are no longer safe now that hackers now hack databases of companies and exchange so easily without much stress, even to the point of demanding ransom after hacking them. The system is now lost, with no assurance that your assets and funds are well secured after much hype and promises from third parties, as that is their usual way of attracting clients to their services, and after everything, they are being hacked and their assets stolen by hackers.

This is one of the reasons we are advised to keep our assets and funds under our custody to avoid being hacked, and while under our watch,we are advised to use well-sophisticated wallets so we do not encounter any funny incidents while keeping our assets under our watch.

[Yaunfitda]

These attacks may not be common in my country because hacking accounts does not give many returns, but companies must have good employees or at least deal with information-secure companies instead of paying these scammers who may access personal data and blackmail you with it.
Use a clean computer and do not download random applications if you want to avoid such viruses, and paying a few thousand dollars is not a small sum.

I think it's more of a social engineering attacks that this criminals have been using for years, targeting employees of such companies and get their credentials to be able to get into the system. So company should first teach their employees to catch first sign that they have been a target, like phishing emails and that they should stay away with it.

Same for crypto users, don't simply trust anyone, even if it looks real and you know who send the email, we need to be very cautious and think many times before clicking any link. And obviously, not to give your credentials or connect your wallet to anything.

[Husires]

I think it's more of a social engineering attacks that this criminals have been using for years, targeting employees of such companies and get their credentials to be able to get into the system. So company should first teach their employees to catch first sign that they have been a target, like phishing emails and that they should stay away with it.

I remember that there was a local company that fired one of the employees of the IT department and they did not change the password, and then they discovered that he had modified many of the services, which forced them to pay a lot. Taking care of the environment of the employees, training them and giving them adequate salaries, with great care, will reduce the possibility of such hackers by a large percentage, but companies always Greedy for such proposals.

[coinremitter]

It's disheartening to witness the recent surge in ransomware attacks affecting prominent companies like Shimano, MGM, and Boeing. Cybersecurity is paramount in the crypto space, too. Ensure your coins and crypto are secure by adopting robust security measures. Consider utilizing reputable cybersecurity solutions, and always stay informed about the latest threats. Remember, prevention is key to safeguarding your assets. Stay vigilant, and prioritize the security of your digital assets.

[kryptqnick]

It feels like the op's post is a bit too enthusiastic about ransomware cyber criminals. I appreciate it that they don't physically hurt people to rob companies, but they're still criminals, and them using Bitcoin doesn't help its reputation (even though it's unfair to blame Bitcoin in this case). I can see articles claiming that the usage of Bitcoin is very common for ransomware attacks, but it's not necessarily a bad thing. For example, this academic paper claims that, since transactions are done via Bitcoin, and then criminals need to cash them out, it's often possible to trace and track down these activities.
I can also see that there are cyber ransomware insurance companies for those who want protection against this kind of situation, which I believe makes sense if it's a rich company or individual.

[PrivacyG]

What people really don't want to talk about is that cryptocurrency enabled ransomwere, because it's a global and private payment method which is perfect for hackers to receive payments from victims. Bank transfers or PayPal are not global, they have security checks for large transactions, they can freeze accounts or transactions and accounts need to be registered with government id. Like it or not, ransomwere wouldn't be as prevalent as it is now if cryptocurrency didn't exist.

Ransomware was a thing before Cryptocurrency.  Hackers only think nowadays it is easy to pull this scam and not get caught.

This was inevitable however.  Ever seen these movies where they present some Science Fiction futuristic outlook of the World?  Ever seen how in these movies there is hacking and cyber warfare everywhere?  This is where we are basically.  What needs to be done is a significant improvement of Security and informing the population about such threats and how to prevent them.

We can not sit in our bed and complain our information is getting hacked all the time.  There is something that needs to be done.  As technology advances, Security does too and there are new things you have to consider when opening a new message, attachment, link et cetera.

[satscraper]

If someone doesn't know, CISA has published #StopRansomware  guide " developed through the U.S. Joint Ransomware Task Force (JRTF)", the aim being to mitigate threats imposed by this kind of malware  to enterprise systems and their networks.  Even though this guide is enterprise-focused, in my view, the reading  could help individual  bitcoiners  as it contains guidance on hardening SMB components on their machines. Through much of the past decades  SMB was known to be one of the  prime infiltration channels  for plenty of ransomware.

[serveria.com]

I don't even need to drop a source you can read it all over the internet and see it all over the news, Shimano got hacked earlier this week, MGM casino/hotel group reccently, Boeing, so many others. Ransomware groups are very intruiging to me because they operate just like any normal business; they even have a telephone line and an email for support on paying them their ransome to decrypt your company's data. These groups ought to think they are so savvy, until the US sanctions office comes and knocks on their door! Which is honestly sort of unlikely to happen at this point as these ransomware groups are sheer experts with computing and seeking out vulernable corporate networks to pillage and muck up. The average ransom paid out varies but can range from a couple thousand dollars to millions of dollars. Its even more so interesting to me because since these attacks are so commonplace now, insurance companies and regulators are all making sufficient cyber security solutions a requirement such as having an EDR solution that meets regulations in place in order to get coverage, and operate their business legally. Oftentimes Incident Response or IR companies are hired to help them negotiate w/ the cyber pirates and pay them a ransom in BTC. Hackers surely have quite the attack surface these days, just make sure your coins and crypto are secure!

Frankly, I really don't understand why FBI and other law enforcement haven't captured them yet. I mean, there are email addresses, BTC wallet addresses, IPs and what not... and yet the guys are still operating. Some groups like Phobos have been around for quite a long time. 5-6 years maybe more? So why the almighty three letter agencies, who are flexing their muscles by closing one BTC mixer after another, can't stop these ransomware guys? 

[coolcoinz]

Frankly, I really don't understand why FBI and other law enforcement haven't captured them yet. I mean, there are email addresses, BTC wallet addresses, IPs and what not... and yet the guys are still operating. Some groups like Phobos have been around for quite a long time. 5-6 years maybe more? So why the almighty three letter agencies, who are flexing their muscles by closing one BTC mixer after another, can't stop these ransomware guys? 

That's because agencies want easy money, just like hackers. They prefer to go after an exchange like Binance because they're easy to get and can be forced into submission. Let's not forget that agencies know registered companies have the money and can pay fines, unlike hackers who have everything encrypted and sit in an apartment rented by a friend of a friend, eating ramen noodles all day. How do you find someone who doesn't exist? These people often don't have homes, any property, everything they own is rented using fake names.

They all learned from how Ross was caught and won't order any fake IDs to their home address

Spending the money they get from these attacks is going to be difficult though, like it was dificult for the bitfinex duo.

[hatshepsut93]

What people really don't want to talk about is that cryptocurrency enabled ransomwere, because it's a global and private payment method which is perfect for hackers to receive payments from victims. Bank transfers or PayPal are not global, they have security checks for large transactions, they can freeze accounts or transactions and accounts need to be registered with government id. Like it or not, ransomwere wouldn't be as prevalent as it is now if cryptocurrency didn't exist.

Ransomware was a thing before Cryptocurrency.  Hackers only think nowadays it is easy to pull this scam and not get caught.

Cryptocurrency is not an essential part of ransomware attacks, other payment methods could be used too, but crypto made this process so much easier and safer for the criminals that it resulted in growth of ransomware attacks. If crypto didn't exist, there would less attacks because hackers wouldn't spend their time on developing them and focus on other attacks instead, and they would be getting caught more often because fiat payments leave more trails.

[tread93]

The best way to deal with ransomware is to NEVER PAY THE RANSOM.
If the network gets hacked, the companies will have to rebuild it from scratch with backed up data(assuming that they are backing up their data). If they don't backup their data, this means that they are totally unprofessional and irresponsible when dealing with sensitive info.
Cryptocurrencies should not be blamed for the existence of ransomware. What if the hackers are asking for gift cards instead of crypto?
Does that mean that all companies issuing gift cards are guilty for the existence of ransomware? 

Yeah this is great and all until the company that doesn't pay the ransom had all your contact and payment information maybe even medical social security etc etc. The last company that didn't pay the ransom was Shimano and the hackers ended up publishing a lot of proprietary company information. It's a shame it has come to this. Current hackers with LockBit have even outed their victims to the SEC via a complaint form for not paying ransoms,

[Zlantann]

The best way to deal with ransomware is to NEVER PAY THE RANSOM.
If the network gets hacked, the companies will have to rebuild it from scratch with backed up data(assuming that they are backing up their data). If they don't backup their data, this means that they are totally unprofessional and irresponsible when dealing with sensitive info.
Cryptocurrencies should not be blamed for the existence of ransomware. What if the hackers are asking for gift cards instead of crypto?
Does that mean that all companies issuing gift cards are guilty of the existence of ransomware?  

Most of these companies have some classified information that can destroy the company if it is revealed to the public. Some firms don't also want to personal information of their clients to be put in the public space. It is not that easy to start from scratch after a hack. Some of these firms also engage in illegal or shady deals that they want to keep secret from customers or regulatory agencies. So they have no other option than to pay the hackers to avoid the consequences of destroying the reputation of the company.

In some cases, these hackers keep coming back periodically to ask for more ransom after they have been paid off. So the best option will always be to secure the organisation with advanced cyber security measures to avoid attacks. Spending money on security is cheaper and safer than paying ransom.

Just like any other medium of exchange crypto, can be used to collect ransom and that doesn't make it bad. Everything in this world has benefits and defects so these criminals are taking advantage of the decentralization and privacy features of cryptos. Government authorities should seek for means to solve the problem and not the means of payment. These criminals will seek other means of payment if the use of cryptocurrency becomes unsafe.

[Trawda]

Since the hackers are being negotiated with, and the ransom is paid to them in BTC, the US government will certainly find the opportunity to accuse Bitcoin of being used by ransomware criminals because it makes it difficult to track them.

[tread93]

I don't even need to drop a source you can read it all over the internet and see it all over the news, Shimano got hacked earlier this week, MGM casino/hotel group reccently, Boeing, so many others. Ransomware groups are very intruiging to me because they operate just like any normal business; they even have a telephone line and an email for support on paying them their ransome to decrypt your company's data. These groups ought to think they are so savvy, until the US sanctions office comes and knocks on their door! Which is honestly sort of unlikely to happen at this point as these ransomware groups are sheer experts with computing and seeking out vulernable corporate networks to pillage and muck up. The average ransom paid out varies but can range from a couple thousand dollars to millions of dollars. Its even more so interesting to me because since these attacks are so commonplace now, insurance companies and regulators are all making sufficient cyber security solutions a requirement such as having an EDR solution that meets regulations in place in order to get coverage, and operate their business legally. Oftentimes Incident Response or IR companies are hired to help them negotiate w/ the cyber pirates and pay them a ransom in BTC. Hackers surely have quite the attack surface these days, just make sure your coins and crypto are secure!

Frankly, I really don't understand why FBI and other law enforcement haven't captured them yet. I mean, there are email addresses, BTC wallet addresses, IPs and what not... and yet the guys are still operating. Some groups like Phobos have been around for quite a long time. 5-6 years maybe more? So why the almighty three letter agencies, who are flexing their muscles by closing one BTC mixer after another, can't stop these ransomware guys?  

What I can tell you is that they work together with a lot of other agencies including other government and non-goverment agencies such as law firms or insurance companies and there is compliance measure in place in terms of what BTC addresses that they can pay and cannot pay to, which to me is such a crazy idea because why would they allow or have to give the OK or permisison for an insurance company to pay criminals with crypto to pre checked btc addresses. This happens all the time and now there is industry standard cyber insurance and everything. The reality of this is that this funds industry on both sides of the equation and its honeslty just a byproduct of the maturity of the internet IMO.

[panganib999]

Which is why I always advocate for using and always turning your antivirus on! You'd be surprised at how much trojan and malware attempts you get on a daily basis, so might as well make sure that your first line of defense is as robust as possible! I've been a victim of this in the past, and it's all because I failed to keep my pc safe. The ransomware stuff is getting highlighted nowadays because they do it against major players in the outside market, but this happens to every day users world-wide and as a matter of fact, the money they collectively get from all the hackings worldwide might even dim the amount of money they take from these short-form rendezvous and this never gets this highlighted in the news sucks.

[serjent05]

What people really don't want to talk about is that cryptocurrency enabled ransomwere, because it's a global and private payment method which is perfect for hackers to receive payments from victims. Bank transfers or PayPal are not global, they have security checks for large transactions, they can freeze accounts or transactions and accounts need to be registered with government id. Like it or not, ransomwere wouldn't be as prevalent as it is now if cryptocurrency didn't exist.

As far as history is concerned, I believe ransomware has been in the circulation since 1989[1].  So basically it already exist decades before Bitcoin or cryptocurrency become the hot topic.  We were not that much informed during the time before until we participated in the cryptocurreny industry because by then it is a common topic for us to read.  I agree that the creation of cryptocurrency make it for the hacker to easily get paid for the ransome but it isn't the cryptocurrency that enabled this ransomware since  the attack already exist/happening even before these cryptocurrency craze starts.



As people who are frequent in browsing different sites, we must be vigilant and attentive to files we are downloading.  Often times, Malware and Internet protection is a step behind from these newly develop trojan that can infiltrate our system and hijackt it, so we must be very careful in downloading files and opening websites.



[1] https://flashpoint.io/blog/the-history-and-evolution-of-ransomware-attacks/

[boyptc]

This is the reason why there's more demand now for cybersecurity staff and experts. The budget that these companies to be allotted from these services are going to save them a lot of money than being hacked and asked for a ransom.

And for these hackers, whether they're individuals or groups. Soon, with a very minimal mistake they do, someone's gonna knock to their doors and they'll get arrested.

A mistake like leaving internet footprints.