UK ransomware firm ‘helps’ victims by paying off hackers, tacking on massive fee

UK ransomware firm ‘helps’ victims by paying off hackers, tacking on massive fee 1

A Scottish IT services provider is allegedly skimming off the top when it comes to the cybercriminal world of ransomware — by paying off hackers and then charging a substantial fee for the privilege. 

Ransomware is a particularly virulent form of malware that can cause chaos and heartbreak for consumers and enterprise companies. 

If ransomware is able to successfully infiltrate a system, it may be able to lock devices, encrypt content, and in some cases, spread to other PCs on a network. The global WannaCry outbreak highlights just how damaging an infection can be, considering this single malware family was able to disrupt organizations including Telefónica, the UK’s National Health Service, Deutsche Bahn, and TSMC.

Ransomware often attempts to blackmail victims into paying a ransom demand — in Bitcoin or other forms of cryptocurrency — in return for a decryption key to retrieve their files and unlock their systems. 

While there is no guarantee that the key will ever appear or will work, many victims do pay, a recent example being Florida’s Riviera City, which paid $600,000 to hackers after a ransomware outbreak shut down the majority of city services for weeks. 

Given the mammoth destruction ransomware can cause, it is unsurprising that payments are made — and while bowing to these demands ensures the malware variant remains profitable to develop, some companies are also allegedly cashing in by exploiting its victims further.

A recent investigation undertaken by ProPublica claims that Red Mosquito, a company which uses the slogan “Your IT Department,” is profiting from ransomware victims in what could be considered a morally murky business venture. 

See also: Ransomware attack sends City of Del Rio back to the days of pen and paper

Emsisoft security researcher Fabian Wosar worked with the publication in the sting, in which he posed both as hacker and victim to see how Red Mosquito dealt with ransomware infections and the needs of victims. 

Wosar created a fake ransomware variant, dubbed Gotcha, and drafted a ransomware note. The security researcher then contacted Red Mosquito while posing as a victim of the ransomware’s ‘infection’ on a home server he desperately needed to recover. 

Throwaway email addresses were used while pretending to be both victim and hacker. 

Wosar said that Red Mosquito Data Recovery (RMDR), an offshoot of the main company, did not attempt to purge the ransomware infection used in the operation; instead, the company allegedly went “straight to the ransomware author literally within minutes” in order to pay off the demand. 

After the company told the victim persona that it was “running tests,” Red Mosquito contacted the ‘hacker’ through the second trash email account — to negotiate the fee from $1200 in Bitcoin to $900. A proposed charge was then sent to Wosar of $3,950 for the victim to receive their files and access back within three working days. 

TechRepublic: Why half of enterprises struggle to keep pace with cloud security

RMDR said on its website that the company offered a “professional alternative” to paying criminals. After being contacted by ProPublica, the statement appears to have been removed. 

The IT firm’s FAQ page states, “We do not recommend dealing with the ‘hacker’ directly. In many cases, paying the ransom may be the only option to get your data recovered and it is best to get an experienced consultant to assist with this process.” 

CNET: Gov. Newsom: California is ready to regulate tech

This could be considered as playing upon a victim’s emotions and moral learnings for profit, as the security researcher noted that victims are often amenable to paying more than a ransom demand to recover their data if it is believed the money is going to a legitimate company rather than a cybercriminal. 

Red Mosquito has not responded to requests for comment at the time of publication.

Previous and related coverage

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0

About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

E-Crypto News Executive Interviews

Crypto Scams

Beanstalk Farms Loses $80M In A Massive DeFi Governance Flash-Loan Hack
Beanstalk Farms Loses $80M In A Massive DeFi Governance Flash-Loan Hack
April 23, 2022
Joon Pak Head of Crypto at Prove talks to Us about Crypto Fraud And More
April 11, 2022
Mintable CEO Zach Burks Talks to Us about the Opensea Stolen NFTs and Their Recovery
March 21, 2022
Crypto Crime
Crypto Crime Surges To Record Highs As Thieves Follow Market Buzz – Chainalysis 2022 Report
February 24, 2022
Bots Circumvent 2FA Login At Coinbase And Other Crypto Exchanges In 2022
Bots Have Circumvented 2FA Logins At Coinbase And Other Crypto Exchanges In 2022
February 17, 2022

Automated trading with HaasBot Crypto Trading Bots

Blockchain/Cryptocurrency Questions and Answers

Roundtable Interview-What is the Effect of The Russia-Ukraine War on Cryptocurrency Prices?
March 4, 2022
How Does Bitcoin Casino Work + 2021 Beginner’s Guide
November 8, 2021
How to Buy and Sell Cryptocurrency
November 8, 2021
What Are Bitcoin Futures And How Will They Work In 2022?
November 4, 2021
The Unconventional Guide to Ethereum
October 28, 2021

CryptoCurrencyUSDChange 1hChange 24hChange 7d
--- --- --- ---
--- --- --- ---
--- --- --- ---
USD Coin0.9989 0.16 % 0.08 % 0.04 %
--- --- --- ---
--- --- --- ---
--- --- --- ---
Cardano0.9566 0.22 % 0.68 % 6.96 %
--- --- --- ---
--- --- --- ---

Bitcoin (BTC) $ 28,930.00
Ethereum (ETH) $ 1,764.13
Tether (USDT) $ 1.00
USD Coin (USDC) $ 1.00
BNB (BNB) $ 302.88
XRP (XRP) $ 0.386336
Binance USD (BUSD) $ 1.00
Cardano (ADA) $ 0.461146
Solana (SOL) $ 42.44
Dogecoin (DOGE) $ 0.080981