Ransomware Cyber Pirates strike again and rakes in more crypto!

[coolcoinz]

Frankly, I really don't understand why FBI and other law enforcement haven't captured them yet. I mean, there are email addresses, BTC wallet addresses, IPs and what not... and yet the guys are still operating. Some groups like Phobos have been around for quite a long time. 5-6 years maybe more? So why the almighty three letter agencies, who are flexing their muscles by closing one BTC mixer after another, can't stop these ransomware guys? 

That's because agencies want easy money, just like hackers. They prefer to go after an exchange like Binance because they're easy to get and can be forced into submission. Let's not forget that agencies know registered companies have the money and can pay fines, unlike hackers who have everything encrypted and sit in an apartment rented by a friend of a friend, eating ramen noodles all day. How do you find someone who doesn't exist? These people often don't have homes, any property, everything they own is rented using fake names.

They all learned from how Ross was caught and won't order any fake IDs to their home address

Spending the money they get from these attacks is going to be difficult though, like it was dificult for the bitfinex duo.

[1714295975]

1714295975

[1714295975]

1714295975

[1714295975]

1714295975

[1714295975]

1714295975

[hatshepsut93]

What people really don't want to talk about is that cryptocurrency enabled ransomwere, because it's a global and private payment method which is perfect for hackers to receive payments from victims. Bank transfers or PayPal are not global, they have security checks for large transactions, they can freeze accounts or transactions and accounts need to be registered with government id. Like it or not, ransomwere wouldn't be as prevalent as it is now if cryptocurrency didn't exist.

Ransomware was a thing before Cryptocurrency.  Hackers only think nowadays it is easy to pull this scam and not get caught.

Cryptocurrency is not an essential part of ransomware attacks, other payment methods could be used too, but crypto made this process so much easier and safer for the criminals that it resulted in growth of ransomware attacks. If crypto didn't exist, there would less attacks because hackers wouldn't spend their time on developing them and focus on other attacks instead, and they would be getting caught more often because fiat payments leave more trails.

[tread93]

The best way to deal with ransomware is to NEVER PAY THE RANSOM.
If the network gets hacked, the companies will have to rebuild it from scratch with backed up data(assuming that they are backing up their data). If they don't backup their data, this means that they are totally unprofessional and irresponsible when dealing with sensitive info.
Cryptocurrencies should not be blamed for the existence of ransomware. What if the hackers are asking for gift cards instead of crypto?
Does that mean that all companies issuing gift cards are guilty for the existence of ransomware? 

Yeah this is great and all until the company that doesn't pay the ransom had all your contact and payment information maybe even medical social security etc etc. The last company that didn't pay the ransom was Shimano and the hackers ended up publishing a lot of proprietary company information. It's a shame it has come to this. Current hackers with LockBit have even outed their victims to the SEC via a complaint form for not paying ransoms,

[Zlantann]

The best way to deal with ransomware is to NEVER PAY THE RANSOM.
If the network gets hacked, the companies will have to rebuild it from scratch with backed up data(assuming that they are backing up their data). If they don't backup their data, this means that they are totally unprofessional and irresponsible when dealing with sensitive info.
Cryptocurrencies should not be blamed for the existence of ransomware. What if the hackers are asking for gift cards instead of crypto?
Does that mean that all companies issuing gift cards are guilty of the existence of ransomware?  

Most of these companies have some classified information that can destroy the company if it is revealed to the public. Some firms don't also want to personal information of their clients to be put in the public space. It is not that easy to start from scratch after a hack. Some of these firms also engage in illegal or shady deals that they want to keep secret from customers or regulatory agencies. So they have no other option than to pay the hackers to avoid the consequences of destroying the reputation of the company.

In some cases, these hackers keep coming back periodically to ask for more ransom after they have been paid off. So the best option will always be to secure the organisation with advanced cyber security measures to avoid attacks. Spending money on security is cheaper and safer than paying ransom.

Just like any other medium of exchange crypto, can be used to collect ransom and that doesn't make it bad. Everything in this world has benefits and defects so these criminals are taking advantage of the decentralization and privacy features of cryptos. Government authorities should seek for means to solve the problem and not the means of payment. These criminals will seek other means of payment if the use of cryptocurrency becomes unsafe.

[Trawda]

Since the hackers are being negotiated with, and the ransom is paid to them in BTC, the US government will certainly find the opportunity to accuse Bitcoin of being used by ransomware criminals because it makes it difficult to track them.

[tread93]

I don't even need to drop a source you can read it all over the internet and see it all over the news, Shimano got hacked earlier this week, MGM casino/hotel group reccently, Boeing, so many others. Ransomware groups are very intruiging to me because they operate just like any normal business; they even have a telephone line and an email for support on paying them their ransome to decrypt your company's data. These groups ought to think they are so savvy, until the US sanctions office comes and knocks on their door! Which is honestly sort of unlikely to happen at this point as these ransomware groups are sheer experts with computing and seeking out vulernable corporate networks to pillage and muck up. The average ransom paid out varies but can range from a couple thousand dollars to millions of dollars. Its even more so interesting to me because since these attacks are so commonplace now, insurance companies and regulators are all making sufficient cyber security solutions a requirement such as having an EDR solution that meets regulations in place in order to get coverage, and operate their business legally. Oftentimes Incident Response or IR companies are hired to help them negotiate w/ the cyber pirates and pay them a ransom in BTC. Hackers surely have quite the attack surface these days, just make sure your coins and crypto are secure!

Frankly, I really don't understand why FBI and other law enforcement haven't captured them yet. I mean, there are email addresses, BTC wallet addresses, IPs and what not... and yet the guys are still operating. Some groups like Phobos have been around for quite a long time. 5-6 years maybe more? So why the almighty three letter agencies, who are flexing their muscles by closing one BTC mixer after another, can't stop these ransomware guys?  

What I can tell you is that they work together with a lot of other agencies including other government and non-goverment agencies such as law firms or insurance companies and there is compliance measure in place in terms of what BTC addresses that they can pay and cannot pay to, which to me is such a crazy idea because why would they allow or have to give the OK or permisison for an insurance company to pay criminals with crypto to pre checked btc addresses. This happens all the time and now there is industry standard cyber insurance and everything. The reality of this is that this funds industry on both sides of the equation and its honeslty just a byproduct of the maturity of the internet IMO.

[panganib999]

Which is why I always advocate for using and always turning your antivirus on! You'd be surprised at how much trojan and malware attempts you get on a daily basis, so might as well make sure that your first line of defense is as robust as possible! I've been a victim of this in the past, and it's all because I failed to keep my pc safe. The ransomware stuff is getting highlighted nowadays because they do it against major players in the outside market, but this happens to every day users world-wide and as a matter of fact, the money they collectively get from all the hackings worldwide might even dim the amount of money they take from these short-form rendezvous and this never gets this highlighted in the news sucks.

[serjent05]

What people really don't want to talk about is that cryptocurrency enabled ransomwere, because it's a global and private payment method which is perfect for hackers to receive payments from victims. Bank transfers or PayPal are not global, they have security checks for large transactions, they can freeze accounts or transactions and accounts need to be registered with government id. Like it or not, ransomwere wouldn't be as prevalent as it is now if cryptocurrency didn't exist.

As far as history is concerned, I believe ransomware has been in the circulation since 1989[1].  So basically it already exist decades before Bitcoin or cryptocurrency become the hot topic.  We were not that much informed during the time before until we participated in the cryptocurreny industry because by then it is a common topic for us to read.  I agree that the creation of cryptocurrency make it for the hacker to easily get paid for the ransome but it isn't the cryptocurrency that enabled this ransomware since  the attack already exist/happening even before these cryptocurrency craze starts.



As people who are frequent in browsing different sites, we must be vigilant and attentive to files we are downloading.  Often times, Malware and Internet protection is a step behind from these newly develop trojan that can infiltrate our system and hijackt it, so we must be very careful in downloading files and opening websites.



[1] https://flashpoint.io/blog/the-history-and-evolution-of-ransomware-attacks/

[boyptc]

This is the reason why there's more demand now for cybersecurity staff and experts. The budget that these companies to be allotted from these services are going to save them a lot of money than being hacked and asked for a ransom.

And for these hackers, whether they're individuals or groups. Soon, with a very minimal mistake they do, someone's gonna knock to their doors and they'll get arrested.

A mistake like leaving internet footprints.