Ransomware Cyber Pirates strike again and rakes in more crypto!

[tread93]

I don't even need to drop a source you can read it all over the internet and see it all over the news, Shimano got hacked earlier this week, MGM casino/hotel group reccently, Boeing, so many others. Ransomware groups are very intruiging to me because they operate just like any normal business; they even have a telephone line and an email for support on paying them their ransome to decrypt your company's data. These groups ought to think they are so savvy, until the US sanctions office comes and knocks on their door! Which is honestly sort of unlikely to happen at this point as these ransomware groups are sheer experts with computing and seeking out vulernable corporate networks to pillage and muck up. The average ransom paid out varies but can range from a couple thousand dollars to millions of dollars. Its even more so interesting to me because since these attacks are so commonplace now, insurance companies and regulators are all making sufficient cyber security solutions a requirement such as having an EDR solution that meets regulations in place in order to get coverage, and operate their business legally. Oftentimes Incident Response or IR companies are hired to help them negotiate w/ the cyber pirates and pay them a ransom in BTC. Hackers surely have quite the attack surface these days, just make sure your coins and crypto are secure!

[1714329868]

1714329868

[1714329868]

1714329868

[1714329868]

1714329868

[1714329868]

1714329868

[1714329868]

1714329868

[hatshepsut93]

What people really don't want to talk about is that cryptocurrency enabled ransomwere, because it's a global and private payment method which is perfect for hackers to receive payments from victims. Bank transfers or PayPal are not global, they have security checks for large transactions, they can freeze accounts or transactions and accounts need to be registered with government id. Like it or not, ransomwere wouldn't be as prevalent as it is now if cryptocurrency didn't exist.

[mk4]

A trial by fire. I know this sucks for the businesses and their users, but this will cause these companies to actually take their cyber security a lot more seriously and stop being complacent as hell. At the very least — at least even the platforms now take some flack, rather than only the users.

[Kemarit]

I don't even need to drop a source you can read it all over the internet and see it all over the news, Shimano got hacked earlier this week, MGM casiono/hotel group reccently, Boeing, so many others. Ransomware groups are very intruiging to me because they operate just like any normal business; they even have a telephone line and an email for support on paying them their ransome to decrypt your company's data. These groups ought to think they are so savvy, until the US sanctions office comes and knocks on their door! Which is honestly sort of unlikely to happen at this point as these ransomware groups are sheer experts with computing and seeking out vulernable corporate networks to pillage and muck up. The average ransom paid out varies but can range from a couple thousand dollars to millions of dollars. Its even more so interesting to me because since these attacks are so commonplace now, insurance companies and regulators are all making sufficient cyber security solutions a requirement such as having an EDR solution that meets regulations in place in order to get coverage, and operate their business legally. Oftentimes Incident Response or IR companies are hired to help them negotiate w/ the cyber pirates and pay them a ransom in BTC. Hackers surely have quite the attack surface these days, just make sure your coins and crypto are secure!

Or at least make that one mistake when they try to mix coins using centralized platform. And then you have to think as to why the hell this supposedly hackers, a group of them making that one biggest mistakes that can take them down.

In any case, yes, everyone is vulnerable, there's even government attacks as well from them and then demanding ransom as if they are above the law. But with regards to the world that we live in, we really can't stress that enough. We need to educate ourselves on safe practices here, online and offline so that we will not be another statistics to the growing crypto enthusiast who lost it to this criminals.

[adaseb]

Are companies really affected by these randomsware attacks anymore? You would think unless it was some small mom and pop business most IT have a up to date backup.

Even 20 years ago when I worked for a company, they had simple backups with Windows OS, every hour, every day it would make a backup. Saved the company a few times.

[Silberman]

Are companies really affected by these randomsware attacks anymore? You would think unless it was some small mom and pop business most IT have a up to date backup.

Even 20 years ago when I worked for a company, they had simple backups with Windows OS, every hour, every day it would make a backup. Saved the company a few times.

When a company owner or a CEO are looking for ways to reduce costs they look at those backups as a waste of resources, so they simply cut down those costs, after all what is the worst it could happen? And that is when they become extremely vulnerable to a ransomware attack and then they have to pay way more to get back their data, with no way to be sure if the information they are receiving back is completely intact or if there is still malicious software being hidden anywhere in that data.

[Amphenomenon]

A trial by fire. I know this sucks for the businesses and their users, but this will cause these companies to actually take their cyber security a lot more seriously and stop being complacent as hell. At the very least — at least even the platforms now take some flack, rather than only the users.

Yes now I having more than a basic knowledge of cybersecurity may be among of the requirements for employment because we have seen/known how some systems are really secured but out of the negligence of the supervisor, the organisation still victims of hack. While also users should be careful because using a hardware wallet do not make your coins 100% safe from hacks, you have to be cautious and make it safe yourself by taking proper steps in doing so because hackers are not sleeping but constantly developing new innovative for their schemes and if we are uninformed we will be victimised.

[NotATether]

Are companies really affected by these randomsware attacks anymore? You would think unless it was some small mom and pop business most IT have a up to date backup.

Even 20 years ago when I worked for a company, they had simple backups with Windows OS, every hour, every day it would make a backup. Saved the company a few times.

When a company owner or a CEO are looking for ways to reduce costs they look at those backups as a waste of resources, so they simply cut down those costs, after all what is the worst it could happen? And that is when they become extremely vulnerable to a ransomware attack and then they have to pay way more to get back their data, with no way to be sure if the information they are receiving back is completely intact or if there is still malicious software being hidden anywhere in that data.

Dude, someone show tell them that storage is CHEAP.

An Amazon S3 backup of a hundred computers each with with about 30GB worth of hard hard disk data, every day (so 100TB) stored in Glacier storage costs only $100 dollars per month.

Even other cloud backup services have similar rates.

These hackers are telling people to pay millions, hundreds of thousands of dollars.

What's so difficult about spending a few thousand dollars over several years to make sure that you never have to worry about ransomware hackers?

[davis196]

The best way to deal with ransomware is to NEVER PAY THE RANSOM.
If the network gets hacked, the companies will have to rebuild it from scratch with backed up data(assuming that they are backing up their data). If they don't backup their data, this means that they are totally unprofessional and irresponsible when dealing with sensitive info.
Cryptocurrencies should not be blamed for the existence of ransomware. What if the hackers are asking for gift cards instead of crypto?
Does that mean that all companies issuing gift cards are guilty for the existence of ransomware? 

[pinggoki]

When a company owner or a CEO are looking for ways to reduce costs they look at those backups as a waste of resources, so they simply cut down those costs, after all what is the worst it could happen? And that is when they become extremely vulnerable to a ransomware attack and then they have to pay way more to get back their data, with no way to be sure if the information they are receiving back is completely intact or if there is still malicious software being hidden anywhere in that data.

These CEOs that you are talking about aren't cutting costs, they're more or less trying to cut corners so they can get more profit from the business, that's what they've been doing especially those that aren't tech oriented companies, they have low priority on cybersecurity so they end up becoming vulnerable to attacks and most of those attacks are the basic ones in the cybersecurity standard but with such a bad security for the company, they're easily taken down. Ransomwares won't do anything to the hostage data, they are like some kind of a car boot for your database where you can't do a thing about it until you've paid for it but they can't really steal the car but they can inconvenience you, that's how ransomware works I think or how I understand it works.

[Alphakilo]

What people really don't want to talk about is that cryptocurrency enabled ransomwere, because it's a global and private payment method which is perfect for hackers to receive payments from victims.

Bitcoin as well as other cryptos have made ransomware even more appealing to cyber criminals.The SEC can't track it as these hackers move and exchange cryptocurrency through a maze of accounts. These hackers even have web forums just like this with reputations and ranks and what not.

Like it or not, ransomwere wouldn't be as prevalent as it is now if cryptocurrency didn't exist.

But now that it is prevalent what could be a potential solution. Stronger regulation of cryptocurrency will not salvage this problem. Individual vigilance helps. So be careful what you click on we're basically leaving the door unlocked for these guys and then complaining when they rob us

[Husires]

These attacks may not be common in my country because hacking accounts does not give many returns, but companies must have good employees or at least deal with information-secure companies instead of paying these scammers who may access personal data and blackmail you with it.
Use a clean computer and do not download random applications if you want to avoid such viruses, and paying a few thousand dollars is not a small sum.

[CryptSafe]

This is why we need to take the safety and security of our assets seriously. Exchanges and other third parties are no longer safe now that hackers now hack databases of companies and exchange so easily without much stress, even to the point of demanding ransom after hacking them. The system is now lost, with no assurance that your assets and funds are well secured after much hype and promises from third parties, as that is their usual way of attracting clients to their services, and after everything, they are being hacked and their assets stolen by hackers.

This is one of the reasons we are advised to keep our assets and funds under our custody to avoid being hacked, and while under our watch,we are advised to use well-sophisticated wallets so we do not encounter any funny incidents while keeping our assets under our watch.

[Yaunfitda]

These attacks may not be common in my country because hacking accounts does not give many returns, but companies must have good employees or at least deal with information-secure companies instead of paying these scammers who may access personal data and blackmail you with it.
Use a clean computer and do not download random applications if you want to avoid such viruses, and paying a few thousand dollars is not a small sum.

I think it's more of a social engineering attacks that this criminals have been using for years, targeting employees of such companies and get their credentials to be able to get into the system. So company should first teach their employees to catch first sign that they have been a target, like phishing emails and that they should stay away with it.

Same for crypto users, don't simply trust anyone, even if it looks real and you know who send the email, we need to be very cautious and think many times before clicking any link. And obviously, not to give your credentials or connect your wallet to anything.

[Husires]

I think it's more of a social engineering attacks that this criminals have been using for years, targeting employees of such companies and get their credentials to be able to get into the system. So company should first teach their employees to catch first sign that they have been a target, like phishing emails and that they should stay away with it.

I remember that there was a local company that fired one of the employees of the IT department and they did not change the password, and then they discovered that he had modified many of the services, which forced them to pay a lot. Taking care of the environment of the employees, training them and giving them adequate salaries, with great care, will reduce the possibility of such hackers by a large percentage, but companies always Greedy for such proposals.

[coinremitter]

It's disheartening to witness the recent surge in ransomware attacks affecting prominent companies like Shimano, MGM, and Boeing. Cybersecurity is paramount in the crypto space, too. Ensure your coins and crypto are secure by adopting robust security measures. Consider utilizing reputable cybersecurity solutions, and always stay informed about the latest threats. Remember, prevention is key to safeguarding your assets. Stay vigilant, and prioritize the security of your digital assets.

[kryptqnick]

It feels like the op's post is a bit too enthusiastic about ransomware cyber criminals. I appreciate it that they don't physically hurt people to rob companies, but they're still criminals, and them using Bitcoin doesn't help its reputation (even though it's unfair to blame Bitcoin in this case). I can see articles claiming that the usage of Bitcoin is very common for ransomware attacks, but it's not necessarily a bad thing. For example, this academic paper claims that, since transactions are done via Bitcoin, and then criminals need to cash them out, it's often possible to trace and track down these activities.
I can also see that there are cyber ransomware insurance companies for those who want protection against this kind of situation, which I believe makes sense if it's a rich company or individual.

[PrivacyG]

What people really don't want to talk about is that cryptocurrency enabled ransomwere, because it's a global and private payment method which is perfect for hackers to receive payments from victims. Bank transfers or PayPal are not global, they have security checks for large transactions, they can freeze accounts or transactions and accounts need to be registered with government id. Like it or not, ransomwere wouldn't be as prevalent as it is now if cryptocurrency didn't exist.

Ransomware was a thing before Cryptocurrency.  Hackers only think nowadays it is easy to pull this scam and not get caught.

This was inevitable however.  Ever seen these movies where they present some Science Fiction futuristic outlook of the World?  Ever seen how in these movies there is hacking and cyber warfare everywhere?  This is where we are basically.  What needs to be done is a significant improvement of Security and informing the population about such threats and how to prevent them.

We can not sit in our bed and complain our information is getting hacked all the time.  There is something that needs to be done.  As technology advances, Security does too and there are new things you have to consider when opening a new message, attachment, link et cetera.

[satscraper]

If someone doesn't know, CISA has published #StopRansomware  guide " developed through the U.S. Joint Ransomware Task Force (JRTF)", the aim being to mitigate threats imposed by this kind of malware  to enterprise systems and their networks.  Even though this guide is enterprise-focused, in my view, the reading  could help individual  bitcoiners  as it contains guidance on hardening SMB components on their machines. Through much of the past decades  SMB was known to be one of the  prime infiltration channels  for plenty of ransomware.

[serveria.com]

I don't even need to drop a source you can read it all over the internet and see it all over the news, Shimano got hacked earlier this week, MGM casino/hotel group reccently, Boeing, so many others. Ransomware groups are very intruiging to me because they operate just like any normal business; they even have a telephone line and an email for support on paying them their ransome to decrypt your company's data. These groups ought to think they are so savvy, until the US sanctions office comes and knocks on their door! Which is honestly sort of unlikely to happen at this point as these ransomware groups are sheer experts with computing and seeking out vulernable corporate networks to pillage and muck up. The average ransom paid out varies but can range from a couple thousand dollars to millions of dollars. Its even more so interesting to me because since these attacks are so commonplace now, insurance companies and regulators are all making sufficient cyber security solutions a requirement such as having an EDR solution that meets regulations in place in order to get coverage, and operate their business legally. Oftentimes Incident Response or IR companies are hired to help them negotiate w/ the cyber pirates and pay them a ransom in BTC. Hackers surely have quite the attack surface these days, just make sure your coins and crypto are secure!

Frankly, I really don't understand why FBI and other law enforcement haven't captured them yet. I mean, there are email addresses, BTC wallet addresses, IPs and what not... and yet the guys are still operating. Some groups like Phobos have been around for quite a long time. 5-6 years maybe more? So why the almighty three letter agencies, who are flexing their muscles by closing one BTC mixer after another, can't stop these ransomware guys?