However, in order to make sure all reports are legitimate, each submission is required to take a screenshot of the ransomware payment demand, and every case is reviewed manually by Cable himself before being made publicly available. As the site is crowdsourced, it incorporates data from self-reported incidents of ransomware attacks, which anyone can submit. The website keeps a running tally of ransoms paid out to cybercriminals in bitcoin, made possible thanks to the public record-keeping of transactions on the blockchain. “After seeing that there’s currently no single place for public data on ransomware payments, and given that it’s not hard to track bitcoin transactions, I started hacking it together.”
#JACK KREBS STAMOS GROUP RANSOMWHERE FULL#
“I was inspired to start Ransomwhere by Katie Nickels’s tweet that no one really knows the full impact of cybercrime, and especially ransomware,” Cable told TechCrunch. Cybersecurity and Infrastructure Agency (CISA), is looking to solve that problem with the launch of a crowdsourced ransom payments tracking website, Ransomwhere. Jack Cable, a security architect at Krebs Stamos Group who previously worked for the U.S. However, while ransomware attacks continue to make headlines, it’s nearly impossible to understand their full impact, nor is it known whether taking certain decisions - such as paying the cybercriminals’ ransom demands - make a difference. In the last few months alone we’ve witnessed the attack on Colonial Pipeline that forced the company to shut down its systems - and the gasoline supply - to much of the eastern seaboard, the hack on meat supplier JBS that abruptly halted its slaughterhouse operations around the world, and just this month a supply chain attack on IT vendor Kaseya that saw hundreds of downstream victims locked out of their systems. These file-encrypting attacks have continued largely unabated this year, too. “If the Russian government cannot or will not take action against criminal actors residing in Russia, we will take action, or reserve the right to take action, on our own,” Psaki said.Ransomware attacks, fueled by COVID-19 pandemic turbulence, have become a major money earner for cybercriminals, with the number of attacks rising in 2020. national security officials had been in touch with Russian government officials over the attack. White House press secretary Jen Psaki said during a news conference Tuesday that U.S. Jack Cable, a security researcher for Krebs Stamos Group, said he had reached out to REvil, and the group offered to slash the price for the tool to $50 million in bitcoin. “If you are interested in such a deal, contact us,” the group wrote, adding that it had provided a way for victims to contact the organization. REvil said it would publish a tool that would allow all infected companies to recover their data if it were paid $70 million in bitcoin. Some victims were being asked for $5 million in ransom, Huntress Labs said.īrett Callow, a threat analyst for cybersecurity firm Emsisoft, said REvil was also asking for $45,000 in cryptocurrency for each computer system a victim wanted restored. He said Kaseya was working with the FBI, Department of Homeland Security and the White House to address the issue.Ībout 50 of Kaseya’s direct customers, including dozens of managed service providers, were compromised in the breach, Voccola said.Ī Russia-based cybercriminal organization known as REvil took credit Sunday for the attack, boasting about it on its site, “Happy Blog," on the dark web. “It totally sucks,” Fred Voccola, Kaseya’s CEO, said in a video posted on YouTube early Tuesday.
0 kommentar(er)
