Hackers Demand Over $250,000 for Ransomware Decryption Keys

Hackers Demand Over $250,000 for Ransomware Decryption Keys

The alleged authors of the NotPetya ransomware, which swept through Ukraine locking the systems of governments, financial institutes and businesses, demanded a payment of 100 BTC, which was over $250,000 at the time, for the private keys.

Earlier this week, Motherboard reported that cyber security researchers detected movement around the BTC wallet used for storing the ransom payments during the June 28 NotPetya attack, a variation of the Petya ransomware used to encrypt the files of the victims. According to the research, $10,000 worth of bitcoins were withdrawn from the wallet and the same hacker group allegedly offered authorities to unlock the files – for the sum of 100 BTC – by publishing the private key of the ransomware.

Since there was a lack of response after some payments were made by the victims following the attack, the researchers believe the cyber criminals weren’t financially motivated. According to the cyber security experts, the hacks did not care whether the payment was made, they kept the files anyway.

Someone, claiming to be a hacker behind the NotPetya attack, posted an announcement on both DeepPaste and Pastebin. The author or authors of the announcement asked for 100 BTC (worth approximately $256,000 at the time) for the private key, which can be used to decrypt any data locked in the cyber attack. However, the hacker wrote boot disks can’t be restored. Currently, there is no evidence that it is the real cyber criminal, who conducted the NotPetya attacks, a rival gang, or another third party trying to cut some profits.

“This is a fear, uncertainty and doubt case” and “a clear attempt from the attackers to try to further confuse the audience, by changing the wiper narrative into a ransomware one again,” cyber security researcher Matt Suiche with Comae Technologies told Motherboard. According to Suiche, the hackers are just “trolling” the media, the journalists, and the public. Even if the current attempt to sell (or scam the public) the private key for the ransomware attacks, the withdraw from the bitcoin wallet of the criminals gives law enforcement authorities and researchers a lead they can follow.

Using ransomware to conduct attacks on the victims and extort money from them became quite common for cyber criminals since there are relatively low risks associated with high rewards. The NotPetya attack is not the first breach that affected computers on a global scale this year. In May, the WannaCry ransomware attack extorted approximately $100,000 worth of bitcoins from the victims.

Ransomware attacks should be taken seriously. With their numbers surging, cyber security should be a major focus for governments and law enforcement authorities worldwide. Some of the countries had already taken measures to prevent the attacks of the cyber criminals. According to a recent study by the United Nations, the United States ranks second after Singapore in preparedness for cyber crime. The report evaluated and scored countries’ on their legal, technical, educational, research, and organizational frameworks as well as their ability to share information.

“Cybersecurity is an ecosystem where laws, organizations, skills, cooperation and technical implementation need to be in harmony to be most effective,” the researchers wrote.

“The degree of interconnectivity of networks implies that anything and everything can be exposed, and everything from national critical infrastructure to our basic human rights can be compromised.”

According to the UN research, some of the richest and modern countries were surprisingly back at the list. For example, India was ranked at the 25th, only one place ahead of Germany, while China was only 34th on the list. On the other hand, apart from Singapore, other smaller countries ranked at the top 10 of the list, including Estonia, Oman, Malaysia, Mauritius, and Georgia.

The researchers emphasized, the crucial step was to adopt a national security strategy, however, by the study’s records, 50 percent of the countries failed to do so.

Another surprising result was North Korea’s place on the list, ranked as 57th, however, the country was ranked lower since it lacked points by its “cooperation” but still ranked three spots higher than Spain.