
Hacking victim hacks the hackers and releases their encryption keys

spartaman64
Quote

A ransomware victim that paid Bitcoin $BTC to unlock his files has enacted sweet vengeance on his attackers, by hacking them right back.

As part of his retaliation, German programmer Tobias Frömel (aka “battleck”) released almost 3,000 decryption keys to assist others hit by the Muhstik ransomware, alongside free decryption software, BleepingComputer reports.


Quote

Ransomware attacks are nothing new, but they have been intensifying lately. The FBI even recently shared a public service announcement warning against paying to restore files as it could encourage further campaigns.

Although, this hasn’t stopped victims from giving in. Three hospitals in Alabama recently paid the hackers behind the Ryuk ransomware to unlock compromised systems which had been infected at the start of October.

source: https://thenextweb.com/hardfork/2019/10/08/ransomware-bitcoin-hacker-cryptocurrency-muhstik-rekt/

 

Great job by battleck. Who cares if it isn't technically legal? He just saved a bunch of people from having to pay ransom to criminals. For most people who don't have important files, they shouldn't pay the ransom and encourage the hackers. I know there's no files on my computer worth 0.09 bitcoins unless the price of bitcoins crashes dramatically.


The headline is one heck of a tongue twister, but the guy has done a good, thank you spartaman for some nice wholesome news!


15 minutes ago, lewdicrous said:

Doing God's work. If only God was into programming...

God is the ultimate programmer. I'm a big fan of The Universe beta.


5 minutes ago, Ezzy-525 said:

God is the ultimate programmer. I'm a big fan of The Universe beta.

feels a little pay to win atm


Not too surprising. Ransomware as a service is pretty big on the darkweb. There's a reason they're using other people's tools instead of their own (and it's not cost savings)


As cool as this is, I wouldn't recommend someone thinking they could easily 'counterhack' someone. Back in the days of Yahoo chat, a couple of the tech oriented rooms often had folks asking for help to 'learn to hack' so they could 'hack their hacker back'. The vast majority of the time, they were either dealing with someone WAY beyond their skill level, and likely to remain that way, or just someone they knew that could predict their actions and even possibly had physical access to their hardware, although they'd claim nobody could possibly be in that position that would 'hack' them. (Most of the latter were really just script kiddies.)

 

In this case, they just managed to get the wrong target, like the guy that stole or bought Zoz's stolen Mac.


49 minutes ago, Ezzy-525 said:

God is the ultimate programmer. I'm a big fan of The Universe beta.

Gonna hate it when everything's going to be wiped for the full release.


Image result for there is always a bigger fish template

Where would the robbed hackers want to go - the police?

1 hour ago, spartaman64 said:

who cares if it isn't technically legal

 


Rather than worry about ransomware, just keep your data properly backed up. 

Jeannie

 

As long as anyone is oppressed, no one will be safe and free.

One has to be proactive, not reactive, to ensure the safety of one's data so backup your data! And RAID is NOT a backup!

 


12 minutes ago, Lady Fitzgerald said:

Rather than worry about ransomware, just keep your data properly backed up. 

Or maybe practice other safe computing practices better. Most malware people get is still from operator error. Clicking links, going to sites or doing things on the computer that are higher risk, and without adequate protections, things like that. If you do backups and use the right disciplines, your biggest issue is that things will take longer.


/tinfoil hat on

What if you write and release ransomware, then claim to be a victim and release the keys to collect some pre-laundered money on top of what you made in the shadows?

/tinfoil hat off :P

 

57 minutes ago, 19_blackie_73 said:

Where would the robbed hackers want to go - the police?

 

As surprising as it is, there have been a couple of cases of would-be scammers going to the police in Spain (I'm sure other places too): people who thought they were joining a scam, but were actually getting scammed themselves. xD


hacker hacks hacker who hacks hacker and stops hacker from hacking.


5 hours ago, Euchre said:

Or maybe practice other safe computing practices better. Most malware people get is still from operator error. Clicking links, going to sites or doing things on the computer that are higher risk, and without adequate protections, things like that. If you do backups and use the right disciplines, your biggest issue is that things will take longer.

Nope. It doesn't matter how safe your computing practices are, you still can get hit with ransomware (this is not to say that safe computing practices are not a good idea).

 

Actually, after the initial backup, updating backups takes very little time and effort on your part if you use the right backup scheme. Plus, the backups will protect your data from far more than just ransomware.


13 minutes ago, Lady Fitzgerald said:

Nope. It doesn't matter how safe your computing practices are, you still can get hit with ransomware (this is not to say that safe computing practices are not a good idea).

How? What vector? Malicious ads? This is a big part of why ad blocking is so popular. Email? There's your safe practices right there. Software? Be careful and mindful of where you get software, another safe practice.

 

I haven't seen a story about a worm (self propagating software) in a very long time, and never one that brings ransomware. Every single example I've ever seen or heard of, of someone getting ransomware, was from something they had to take action to install. Windows Update hasn't delivered it yet (and heaven help them if they did), and it is extremely unlikely it will.

 

The one most consistent way that malware has to get into a system isn't exploiting a machine passively, it relies on social engineering - hacking the human - to get the malicious code in place. Contravention of malware that can propagate itself directly (worms) is far too easy to block at the infrastructural level, and the whole of the IT industry is heavily invested in doing so. Those malicious ads I spoke of before? Major, reputable ad services are constantly on the lookout for malicious ads, so they can remove them and block the advertisers from using their services. If they didn't, they'd be prime targets for something scarier than malware - lawyers.


32 minutes ago, Euchre said:

I haven't seen a story about a worm (self propagating software) in a very long time, and never one that brings ransomware. Every single example I've ever seen or heard of, of someone getting ransomware, was from something they had to take action to install. Windows Update hasn't delivered it yet (and heaven help them if they did), and it is extremely unlikely it will.

 

WannaCry was a self-propagating worm; stuff like vaporworms are thought to become much bigger threats in the future.

 

https://www.helpnetsecurity.com/2018/11/16/self-propagating-fileless-malware/

 

I'm not heavily into this sort of thing, but one thing 30+years of tech enthusiasm has taught me is not to be quick to dismiss anything. 


35 minutes ago, Euchre said:

How? What vector? Malicious ads? This is a big part of why ad blocking is so popular. Email? There's your safe practices right there. Software? Be careful and mindful of where you get software, another safe practice.

 

I haven't seen a story about a worm (self propagating software) in a very long time, and never one that brings ransomware. Every single example I've ever seen or heard of, of someone getting ransomware, was from something they had to take action to install. Windows Update hasn't delivered it yet (and heaven help them if they did), and it is extremely unlikely it will.

 

The one most consistent way that malware has to get into a system isn't exploiting a machine passively, it relies on social engineering - hacking the human - to get the malicious code in place. Contravention of malware that can propagate itself directly (worms) is far too easy to block at the infrastructural level, and the whole of the IT industry is heavily invested in doing so. Those malicious ads I spoke of before? Major, reputable ad services are constantly on the lookout for malicious ads, so they can remove them and block the advertisers from using their services. If they didn't, they'd be prime targets for something scarier than malware - lawyers.

All you have to do to catch ransomware (or any other kind of malware) is visit a website that is infected. Even the best of them can (and do) get infected at times. Sometimes, it's not the website but an ad delivered by another host (such as Google ads, which is notorious for hosting infected ads...and I've yet to hear of them getting sued) that can harbor an infection that doesn't even require you to click on the ad. Ad-blockers can help block infections from that source but not always.

 

Frankly, even the most careful of us still can make mistakes that could allow an infection to get in. Drive-by infections are still a real thing. You can have the best antimalware protection and still get infected. Granted the chances are really low but it still can happen.

 

As I pointed out earlier, ransomware is not the only thing that backups will protect you from so, even if there was a way to eliminate the threat from ransomware, it's still very much worthwhile to have and maintain backups.


5 hours ago, will4623 said:

hacker hacks hacker who hacks hacker and stops hacker from hacking.

How many hacks can a hacking hacker hack in a hacker’s hacking second?


5 hours ago, comander said:

 

sudo create universe opts=[multithreading, jit] params=[3.14159265358979, 1.6180339887, 2.7182818284, ...]

 

That took him 6 days to code. The 7th was for debugging, but who even does that? Let the suckers beta-test!

 

 

 

[a few centuries later]

 

"Err.... OK, let's see: format world --method=rain"


On 10/9/2019 at 1:22 PM, Bananasplit_00 said:

feels a little pay to win atm

You just need your own server. Though the upkeep costs are high.


20 hours ago, Euchre said:

How? What vector? Malicious ads? This is a big part of why ad blocking is so popular. Email? There's your safe practices right there. Software? Be careful and mindful of where you get software, another safe practice.

 

I haven't seen a story about a worm (self propagating software) in a very long time, and never one that brings ransomware. Every single example I've ever seen or heard of, of someone getting ransomware, was from something they had to take action to install. Windows Update hasn't delivered it yet (and heaven help them if they did), and it is extremely unlikely it will.

 

The one most consistent way that malware has to get into a system isn't exploiting a machine passively, it relies on social engineering - hacking the human - to get the malicious code in place. Contravention of malware that can propagate itself directly (worms) is far too easy to block at the infrastructural level, and the whole of the IT industry is heavily invested in doing so. Those malicious ads I spoke of before? Major, reputable ad services are constantly on the lookout for malicious ads, so they can remove them and block the advertisers from using their services. If they didn't, they'd be prime targets for something scarier than malware - lawyers.

The vast majority of ransomware comes from Phishing emails. You can pretend like you'll never get caught by one - and by using common sense and safe practices, you can mitigate (but not eliminate) the risks.

 

But Phishing emails are evolving daily. Sure it's easy to catch the stupid ones with misspelled words, etc - but some out there are indistinguishable from legit emails. As @Lady Fitzgerald said, we can all make mistakes.

 

Common Sense is no longer a sufficient protection against malware. It is now only one key component among other defenses as well. Anyone purely relying on common sense is simply lucky, and it's only a matter of time before that defense proves inadequate.

 

In the case of ransomware, a good backup system is worth more than common sense, if you're doing one or the other. Ideally, you do both.

