TECH NEWS

'Dumbass' criminal breaks the 'first rule of ransomware club'

https://image.theregister.com/5250399.jpg?imageId=5250399&x=0&y=0&cropw=100&croph=100&panox=0&panoy=0&panow=100&panoh=100&width=1200&height=683

You don't infect anyone in Russia or other CIS countries

Even ransomware cartels make mistakes, and in this case, it was a biggie that could have landed the responsible crim in a Russian gulag: accidentally infecting a company located in a Commonwealth of Independent States country.

In what threat-hunter Dominic Alvieri deemed the ransom “dumbass of the day,” Nova, the affiliate program for ransomware crew RAlord, on Tuesday issued an apology to Eriell Group, a major oilfield services company with headquarters in Uzbekistan and a corporate office in Moscow.

Apparently, Eriell contacted Nova and notified the ransomware operators about an affiliate's mess-up.

The affiliate has since been banned from the criminal operation, we’re told. In addition to issuing a “formal apology,” the ransomware gang promised to assist Eriell with the recovery process “free of charge.” The malware slingers claimed they didn’t encrypt any files, and pledged not to leak...

Copyright of this story solely belongs to theregister.com. To see the full text click HERE

Read more