Cisco security unit pulls plug on ransomware scammer

Cisco Systems’ Talos security unit said Tuesday that it has pulled the plug on a pernicious group that encrypted people’s computer files and demanded payment to decrypt them.

Talos threat researcher Nick Biasini said his group had disrupted a group using the Angler Exploit Kit to target 90,000 victims a day, generating more than $30 million annually in ransom. The kit has been used by other groups for a combined $60 million in annual ransom, the company reported.

“Cisco determined that an inordinate number of proxy servers used by Angler were located on servers of service provider Limestone Networks,” he reported.

The crooks had used stolen credit cards for servers on Limestone’s system. The company pulled the plug on them when Cisco contacted it, and cooperated with security researchers, according to a report by Reuters.

The Talos unit collaborated with Level 3 Threat Research Labs and OpenDNS to peer over the shoulder of the scammers and see how they operated.

Then Cisco broadcast Angler protocols and mechanisms “so others can protect their communities,” Biasini wrote.

“This is a significant blow to the emerging hacker economy where ransomware and the black market sale of stolen IP (intellectual property), credit card info and personally identifiable information are generating hundreds of millions of dollars annually.”

Photo: Computer crime illustration (Al Phillips, The Charlotte Observer)


  • neutral_site

    Still comes down to one basic:
    Your computer should be able to detect where its orders are coming from, and, by default should NEVER lock, change, or delete files in its core directories when those commands are not from a local, registered device (keyboard, mouse, so on).

    In my view, the OS systems authoring companies are on the hook for literally billions for authoring and selling crap software. Your Aunt Mary isn’t going to be a computer expert, but within reason she should be able to use the damned thing without the fear of basic level attacks.