Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hacker Behind Massive Ransomware Outbreak Can't Get Emails From Victims Who Paid (vice.com)

Posted by msmash on from the interesting-turns dept.

Joseph Cox, reporting for Motherboard: On Tuesday, a new, worldwide ransomware outbreak took off, infecting targets in Ukraine, France, Spain, and elsewhere. The hackers hit everything from international law firms to media companies. The ransom note demands victims send bitcoin to a predefined address and contact the hacker via email to allegedly have their files decrypted. But the email company the hacker happened to use, Posteo, says it has decided to block the attacker's account, leaving victims with no obvious way to unlock their files. [...] The hacker tells victims to send $300 worth of bitcoin. But to determine who exactly has paid, the hacker also instructs people to email their bitcoin wallet ID, and their "personal installation key." This is a 60 character code made up of letters and digits generated by the malware, which is presumably unique to each infection of the ransomware. That process is not possible now, though. "Midway through today (CEST) we became aware that ransomware blackmailers are currently using a Posteo address as a means of contact," Posteo, the German email provider the hacker had an account with, wrote in a blog post. "Our anti-abuse team checked this immediately -- and blocked the account straight away.

1 of 182 comments (clear)

  1. Re:The Nuclear Option by Anonymous Coward · · Score: 0, Troll

    > While this doesn't do anything to improve life for the poor folks trying to retrieve their files

    Oh those poor snowflakes. Won't someone think of the poor people who couldn't set up one of the myriads of automated backup mechanisms - both local and "in the cloud" - that are available today?

    Won't someone think of the poor sysadmin that still uses a script to back up his files - that has been failing since 2002 - instead of a robust and proven software solution?

    Won't someone think of the poor manager, who has been told exactly 28553 times (I saved the emails) that we needed to start taking security seriously, and implementing a robust backup policy because of exactly this sort of thing?

    Poor, poor users. Victims of their own incompetence and stupidity. They got exactly what they deserved.