Malware hunters: The battle to stop hackers targeting users with ransomware
It was a fine for running a red light. The location of the supposed infringement checked out — it was right around the corner from their office, and the car matched too.
She opened the attachment, but instead of a photo of the alleged infringement, Mon found she had accidentally installed a form of ransomware. Her files had been encrypted. She was locked out.
It wasn’t long before she was sent what she described as a “very polite letter” informing her that she was under attack and offering some helpful hints on how to get her files back.
“It took over my computer and it said, ‘We’ve now taken over all your files. Don’t worry, there’s a way to get them back — we’ve set up a frequently asked questions and a chat line if you want to ask us questions about it while you’re going through the process,'” Mon told the ABC's Control Z podcast.
“But essentially, it said you need to give us $700 in the next 24 hours and we’ll release your files.
“If you don’t do it in 24 hours then the fine will increase and increase and increase.”
Shaun and Mon had just started an architecture firm and, six months in, they were concentrating on building a client base.
They worried that if they did not pay up, they would risk losing clients they had only just started working with, for jobs that were worth $500,000.
“So we sort of took that risk and we got them back,” she said.
Ransomware scams are so successful because if the victim can afford to pay the ransom, they often will.
Where does the money end up?
Like any good business, ransomware gangs are scaling up.
Tony Robinson, a senior computer security analyst, said ransomware attacks are almost always the work of organised crime groups.
No longer content with going after individual users, he said, the gangs are increasingly targeting business networks with attacks that break into the network and spread malware without any input from the user.
“They (users) never have to click on anything,” Mr Robinson said.
They are also upping the price. Where ransomware gangs used to ask for around 1.5 bitcoins ($A610), they are now demanding as much as 22 bitcoins ($A13,686).
Authorities are working on methods to tackle the problem, but once users are infected there is very little police can do.
In fact, police have reportedly been targeted by ransomware gangs and resorted to paying to get their own files back.
In response, malware hunters, or “white hats”, have taken it upon themselves to fight back.
These people — who often have full-time jobs in the IT industry — spend their own time tracing malware, analysing it, tracking down the servers that run it and then publicising what they discover, in the hope that the authorities will act and maybe prosecute.
But their work makes them targets.
One malware hunter, who asked to remain anonymous, told Control Z that he had received death threats from the ransomware gangs.
“They generally like to make it known that they don’t like being poked at,” he said.
He also works in a group, with dozens of other malware hunters. He said other members have had their car windows smashed, as well as their homes broken into and trashed.
“I got a death threat to my office, because they cannot figure where I live in real life, but they know where I am right now.
“They know my daughter’s information, my wife’s information and they’re putting it on the internet,” he said.
Another malware hunter told Control Z that because of the huge sums of money involved, he is worried about what the ransomware gangs might do next.
“They could send a hitman, they could hire private investigators, they can pretty much do anything that money can buy to try and silence you,” he said.
The malware hunters work in their own time and take huge personal risks to protect ordinary internet users they’ve never met, and who are most likely completely unaware of their efforts.
But they say it has to be done.
“No one else will do it.
“It’s just one of those things that, well, law enforcement does a great job in some respects but you know there are some things that need a bit of extra expertise and a bit of extra passion to get the job done.”
Source | ABC.Net