Fortune 500 Company Allegedly Hired Ransomware Agent to Sabotage Competitors
Ransomware has become one of the most common types of malwares these days. There are different motivations for hackers to install ransomeware but security experts have always assumed that they are in it for economic gains. But a recent report suggests that corporate sabotage can also be a motive of ransomware hackers.
F-Secure, a European cyber security company founded in 1988, released a report “Evaluating the Customer Journey of Crypto-Ransomware and the Paradox Behind It” on July 18, 2016. The experiment in the report involved evaluating the “customer experience” of five current crypto-ransomware variants, beginning with the initial ransom screen all the way to interacting with the ransomware criminals behind each of those variants.
In an exchange with a security researcher from F-Secure pretending to be a victim, one ransomware agent claimed they were working for a Fortune 500 company. “We are hired by a corporation to cyber disrupt day-to-day business of their competition,” the customer support agent of ransomware known as Jigsaw said.
Ransomeware is a cryptovirology attack carried out using covertly installed malware that encrypts the victim’s files and then requests a ransom payment in return for the decryption key that is needed to recover the encrypted files.
The way it usually works that, by asking for relatively low amounts of money from victims, ransomware hackers can get a high rate of success. Meanwhile, by targeting a large amount of Internet users indiscriminately, it scales really well. However, if what the ransomeware agent said is true, it seems like a gang of cybercriminals has found a new way to get paid twice: once by ransom, and once by companies to disrupt their competitors.
The report also finds that crypto-ransomware gangs are usually willing to negotiate the price. Also, ransomware hackers usually do not necessarily set a hard deadline: 100 percent of the groups contacted granted extensions on the deadlines.