
In Private Conversation, Hackers Behind Ransomware Outbreak Lower Demand To $50 Million (reuters.com)
The hackers who have claimed responsibility for an international ransomware outbreak have lowered their asking price in a private conversation with a cybersecurity expert, something he said may be a sign the group was having trouble monetizing their massive breach. From a report: The REvil ransomware gang, also known as Sodinokibi, is publicly demanding $70 million to restore the data it's holding ransom after their data-scrambling software affected hundreds of small and medium businesses across a dozen countries - including schools in New Zealand and supermarkets in Sweden. But in a conversation with Jack Cable of the cybersecurity-focused Krebs Stamos Group, one of the gang's affiliates said he could sell a "universal decryptor" for all the victims for $50 million. Cable told Reuters he managed to get through to the hackers after obtaining a cryptographic key needed to log on to the group's payment portal. Reuters was subsequently able to log on to the payment portal and chat with an operator who said the price was unchanged at $70 million "but we are always ready to negotiate."
Better idea. (Score:4, Insightful)
Make paying ransom carry a fine equal to three times the ransom, because you're funding criminal activity and suffering the consequences of mismanaging your IT security.
Re: (Score:2)
It's not like someone is taking a suitcase full of cash to Gorky Park to pay them. The banks are partly responsible for this and ought to be preventing it from happening.
Re: (Score:2)
You have a twisted, incoherent, bizarre definition of "responsible".
Re: Better idea. (Score:2)
Remind me not to let you drive the bus, lest you veer off into some random direction.
Re: (Score:2)
> You have a twisted, incoherent, bizarre definition of "responsible".
It's the prevailing view in the US and EU and there are sanctions against Russian banks already in place.
Re: (Score:2)
It's quite simple-- the feds just need to mine enough bitcoin to mount a 51% attack.
Re: (Score:2)
> It's quite simple-- the feds just need to mine enough bitcoin to mount a 51% attack.
Or. The combined value of all Bitcoin is US$650 billion... Let's say you're the gubermint, printing fiat money like a counterfeiter with a meth habit... for less than the price of an infrastructure bill, or a Covid relief package, you could easily afford to corner the Bitcoin market and devalue the cryptocurrency by using the rest of it to light cigars, once you're finished spraying most of it with perfume to use as the poor man's bidet.
Re: (Score:2)
You'd think, but ponder for a moment the power a sovereign government has... okay, not just any sovereign government but one with a lot of economic sway like the US, or the EU, or Japan and Korea, or, or, China.
In point, what happened to the Bitcoin's value when China shrugged its shoulders?
Re: (Score:2)
So what happens when they demand ransom paid in XMR instead?
Re: (Score:2)
Much of the Colonial Pipeline ransom was ostensibly recovered using a blockchain explorer, so perhaps XMR will be the currency of choice. However, bitcoin can be purchased at the same place you can buy gift cards, so there's a tradeoff.
Re: (Score:2)
Can't someone make a report that is based off the blockchain, and declare those coins to be tainted money?
Seems like a perfect way to lock theft coins in its own ecosystem.
I kind of think of it as an IP spam filter, where you just check against.
I am sure that at this time XMR is not subject to this, yet, at this size of transaction it just might be.
Re: (Score:2)
XMR won't even allow you to view the contents of a wallet without permission of the owner. You might think a large portion of XMR turning up somewhere would be an indicator of wrongdoing, but how would you know? The only way you could really watch for it would be at an exchange during cash-out.
Re: Better idea. (Score:2)
Could any authority require an audit for any XMR over some threshold that appears without a trace? Or would that again be something that could only be enforced at an exchange?
Re: (Score:2)
Actually, that seems like the most likely long term outcome.
The USA can issue regulations about it that are enforceable within the banking and exchange system on the domestic market.
Re: (Score:2)
It's like any other encrypted source of information. You can issue a subpoena to unlock the wallet contents (XMR has functions that permit auditing in this fashion). At that point it's up to the recipient as to whether or not they obey a court order.
The question is: how do you tie the wallet to the person in order to issue the subpoena? It's a public blockchain, and it's designed to frustrate attempts at centralized oversight.
Re: Better idea. (Score:2)
Sanction the country where the money ends up.
Problem will fix itself.
Re: (Score:2)
Here is the rub though. The entire thing is way too public, it has become an affront to every police force, internationally, it has developed into a real focal point for every single investigatory agency planet wide. They are in it and in it deep, real deep. No place safe, no place to hide, policing has gone red hot on it.
It is dumb stuff like this by criminals, that sets global precedents for international treaties and pursuit of law enforcement and the threat not to the end users but the authority of police
Re: (Score:2)
Worked for Manuel Noriega [wikipedia.org] so it should for this.
Re: (Score:2)
Do you really want to set the precedent of "Your country has criminals so we're allowed to declare war without consequences"?
Re: Better idea. (Score:2)
US has already set that precedent a couple times. I mean, that's pretty much Afghanistan in pursuit of Taliban and bin Laden, yes?
Re: (Score:2)
> It's not like someone is taking a suitcase full of cash to Gorky Park to pay them.
CRYPTOlocker. It's right in the name.
Re: (Score:2)
You'd think I would have seen that.
Re: (Score:2)
I think you might mean bitcoin exchanges. They would know what wallets have the coin and could potentially blacklist any exchanges from accepting those wallets. Problem with that is you could split the coin across many wallets ad infinitum.
On a related note, didn't the US govt find the coins paid for the pipeline ransom? Maybe they'll get lucky again.
Re: (Score:2)
The banks have nothing to do with the popularity of ransomware, because it's entirely enabled by cryptocurrency. Stomp on the cryptos using whatever 3-letter agency methods we can dream up, and the problem goes away.
Re: (Score:2)
I agree that nobody should pay the ransom, but it is harder than you think to secure an organization against this sort of attack. In fact, it's basically impossible without giving up flexibility and efficiencies that we have taken for granted.
Employees need access to the internet. Employees need access to a large confidential data set. Even with the best of training, some will be fooled by an email or other vector for ransomware, giving malware access to both the internet and the confidential data set. A de
Re: (Score:1)
It's not always mismanagement. There's a reason why hackers pay top dollar for 0-day flaws.
Re: (Score:2)
You're a child who doesn't understand the value of information encrypted, and cost of sensitive exfiltrated data being posted far outweighs the ransom cost in many cases so businesses pay.
Re: (Score:2)
If you can spend millions on ransom you can spend millions on IT security.
Re: (Score:2)
That is obvious if you are not the person who authorises CXO bonuses.
Re: (Score:1)
which is why it needs to be made illegal to pay.
Absolutely agree. You cannot negotiate with terrorists, and that's what these people are - terrorists.
Paying out the ransom does nothing to tighten IT security, it gives the company an out, lets them sweep their IT ineptitude and lack of proper security under the rug.
It should be illegal to pay them, illegal to not report all of it, and even more illegal not to prevent it in the future.
If it happens twice to the same company they should either be nationalized or shut down permanently.
Re: (Score:2)
Words on paper will do nothing, companies will get their data back and protect their reputation. Tracking down the ransomware criminals and shooting them in the face would work though, but pansies only think of making more useless laws.
Re: (Score:1)
So you're saying that everyone who was subject to the Solar Winds attack was mismanaging their IT security? Same with everyone who used Kaseya?
Re: Better idea. (Score:2)
The US and allies should assassinate a few of these shitheads and let the world know who did it and why.
Re: (Score:2)
The ransomers would just lower their prices so that the total amount (ransom + fine) was affordable.
Krebs v. Krebs (Score:1)
Can we get Chris to change his surname because every time I see "... security... Krebs.." I have to read the article to find out whether this is Brian Krebs (automatic must-read) or the other Krebs (eh, whatever)?
Very Kind (Score:2)
We don't negotiate with terrorists (Score:2)
I wonder how long it will be before that becomes the policy, and the US uses it to justify more severe economic, or even military, actions. Maybe the ransomware gangs know it too?
Ransomware attacks should be considered terrorism. (Score:3)
Kill any perps you can manage who fail to surrender.
It's perfectly fine to hurt enemies. That's all humans understand as we are a savage race. Failure to use savagery appropriately is weakness, not virtue. Enemy impunity must be reduced and since necessity knows no law, use any non-counterproductive method.
Law is for use between friends. We don't miss viri when we kill them.
Re: (Score:2)
History shows that harsh punishment is rarely much of a deterrent. And in any case most of these guys are overseas in countries that don't give a shit, or even if they do care they will expect proper due process and won't extradite to places that might execute the accused.
Re: (Score:2)
> History shows that harsh punishment is rarely much of a deterrent. And in any case most of these guys are overseas in countries that don't give a shit, or even if they do care they will expect proper due process and won't extradite to places that might execute the accused.
Yep, the brutal regimes of North Korea, China and Iran have resulted in idyllic societies where nothing bad ever happens. The End.
Back in reality, prevention is better than cure. Even if you don't pay the ransom (which I firmly believe in, pay the Danegeld and you'll never be rid of the Dane) it is still cheaper to have a secure environment and good backups. I think the recent spate of cyber attacks are making companies wake up to the fact their cyber security is shite. Certainly there has been an increa
Make it Radioactive (Score:2)
That decentralized nature and its global adoption means that Bitcoin is here to stay, like it or not. Even if the US were to turn round and outlaw all cryptocurrency, it would continue to operate in other nations unless there were a global moratorium. Given political tensions around the world, that seems unlikely.
The next best thin
This is what spy agencies are for (Score:2)