Ransomware Company Gets Rekt

Sometimes it happens. The criminal organization or con artist gets involved with the wrong person. We’ve seen it glorified and sensationalized in movies, but often the real deal gets overlooked.

A software developer got hit with ransomware and had to pay up to get his files back. But, he decided to take a look at how the software operated and did some analysis. From his analysis, he found the database and managed to get access.

He released decryption keys and a tool to decrypt the ransomware.

A True Blue American German Hero. World Class. An Avenger. A Testament of Faith. He Who Shan’t Be Named.

All right, I’m done. Good read though. I love seeing stories about stuff like this.

14 Likes

Nice to see some vindication. Unfortunately this is only one of dozens of affiliates to what was GandCrab. Word is the resources have been bought by REvil.

RaaS is still alive and well. Many school districts and municipalities have been hit recently.

Interesting… I heard the grey hat that did this admitted that he technically broke the law, but happy to face the consequences, as it is in the public’s interest.
Which reminded me of those guys who trolled through Shodan for routers with default passwords, and factory reset them…

1 Like

He did. I think the compensation he made to the ransomware organization should be penalty enough.

Although, I’m unsure of how illegal it is. There is a gray area when it comes to getting breached and defending yourself. I read you can DDoS someone back if they’re DDoSing you.

1 Like

It’s more a case of the gov choosing not to prosecute, as it is not in the public interest

In Germany, manipulating computer systems is a crime. Penalties vary from fines to jail (rarely). There is also a so-called “Hacker paragraph” that is a hindrance to research more than anything.

However, I don’t expect even a 50€ fine simply because arguing it was civil disobedience would probably weigh more than “he attacked someone’s computer system”.

Oh, and criminals obviously can’t sue, because they would have to admit.
That is for the intrusion bit. The counter hack was going to be made into US law, but not passed (yet) as it would open a can of worms.
Designed for the Microsofts and Googles to shut down bad actors, would end up with criminals abusing it.

They could.

Exactly, they would be punished for the same thing they would accuse Mr. Frömel of doing. Except they did it systematically and on multiple occasions and with the intent of extorting money.

This podcast is worth listening to;

1 Like

Sucks to hear he had to pay up, but that was probably enough to motivate him to dig into it and get those keys. To say hero isn’t quite doing him justice. :smiley:

I’m surprised there aren’t bounties for decryption tools for these sorta ransomware packages.

1 Like

Yet?
Perhaps offer this idea to insurance companies?
Some pay out currently, but if they could invest, perhaps they would?

Yeah, that would be a good idea.

I’m sure they’d drop a bunch of money on people who can consistently get the data back.

I mean, I’m sure companies would as well. Imagine when those hospitals got hit with it a couple years ago, if there was funded research into reversing this stuff, the impact could have been so much less.

2 Likes

Yeah. Then you get some “Computer software engineering” companies that claim to, but just pay. :man_shrugging:

1 Like