Confessions of a Ransomware Attacker

Image

If you don't know me, consider yourself lucky. I'm a professional ransomware hacker and I'm really good at what I do. In fact, I'm so good that I'm going to tell how I'll breach your network and hold your data hostage. And guess what? You still won't be able to stop me.

I've studied your website thoroughly and traced your Team page to social media accounts. I probably know more about your staff than you do. Now comes the fun part...

I'm going to call you and introduce myself. And since I know you're going to check me out on social media after we hang up, everything I tell you will be verifiable.

You see, I'm impersonating a real person with a real company. And I'm calling you as a potential client, which is all you're going to be thinking about during out conversation. I've done my research on your industry and I'll even do some competition bashing to earn your respect.

Well, now that you're giddy about the opportunity of landing a new account, we can really get to know each other. First off, I need current client references. At some point, I'll sob to you about my previous vendor that was hacked. Fortunately, you took the bait and told me the name of your IT guy.

Our conversation ends with my excitement about heading out of town for a week-long vacation – this will keep you from making pesky follow-up calls.

BTW - did you check your caller ID? It's a nice touch, right? I spoofed it to match the number on “my” company's website.

Reconnaissance

Thanks again for those client references. Karen was especially delightful and it turns out that I have a friend in the market for her services. She was kind enough to send me an email with her contact information (and her signature line, and her company logo, and everything else I need for a quality forgery).

Things are moving along well, wouldn't you say? Oh, I almost forgot. I also spoke with your IT guy and he was great. I mean, he just went on about this favorite security strategy, edge devices, endpoint protection, backup services… a real wealth of information!

The Bait

It's late Friday afternoon and I know you're really busy, but it turns out Karen – you know, that client reference – has an urgent matter for you to resolve. Check your inbox, she included an attachment. The weekend is almost here and you don't want this hanging over your head, so you won't hesitate to open it. and that's when my exploit installs on your computer.

The Deception

Now I need some time to activate the ransomware and delete all of your cloud backups (props to the IT guy), so I can't risk you calling Karen about this phony urgent matter. When you opened the attachment, it notified my server to send a second email (from Karen) asking you to disregard the first email because it was sent by mistake.

I know what you're thinking, but rest assured, I spoofed the email reply address. You're not sending Karen that “No worries” response, it's going back to me.

The Attack

I spent the weekend encrypting all your data and deleting your backups, so you're in for a big surprise come Monday morning. Did you see my message on the screen?

As I said, I'm a professional, so just send me $10,000 in Bitcoin and I'll release your data and get you up and running.

Okay, deep breath. Think for a moment. It's time to call the FBI, right? Sure, you can do that and I'll make sure that all of your client information is posted for public consumption. You'll lose all your clients; your reputation will be destroyed and you'll be out of business.

Or you can pay the ransom and nobody will ever know.

 

Ransomware attacks can be very strategic and deceptive. Learn how Wirxly can help protect you against them.

Contact Us