The U.S. government is offering a reward of up to $10,000,000 for info leading to the arrest of key members of the group! $5mil for affiliate members!
Recently a member was arrested in Poland and $6mil of cryptocurrency was recovered. He's in prison awaiting extradition to the USA!
The wheels of justice may grind slowly, but they grind exceedingly fine.
Krebs is learning that it seems any organization that is ten years old starts getting really lax about their internal cybersecurity. These guys were brought down because they didn't compartmentalize their hacker identities from their social media identities. People linked them, reported them to the authorities, and now they're behind bars!
https://krebsonsecurity.com/2021/11/revil-ransom-arrest-6m-seizure-and-10m-reward/
no subject
Date: 2021-11-10 12:25 am (UTC)
no subject
Date: 2021-11-10 03:28 am (UTC)
Several members of my family have lost computers to ransomware. I'm very glad to see even some of the perpetrators brought to justice.
no subject
Date: 2021-11-10 05:26 am (UTC)
I've only been involved in one incident, I was called in by a friend whose chiropractor got hit. Unpatched Windows 2008 Server whose practice was not behind a firewall, running a backup regimen that not only was untested but did not work. He actually had two or three ransomware strains on his server! Ancient server OS, not properly maintained, etc. The only thing that saved his bacon was that his medical practice software was mostly either online or backed up recently enough that the vendor's backup was intact. I could print money down here consulting on backups and data recovery except (A) I don't want to put in the effort mainly because (B) they don't want to pay close to market rates for my services. This chowderhead objected to paying me $40 an hour for my services! The report that I prepared for him would have run him a minimum of probably $300 just for the report, much less my analysis time. Let him burn, I say. This town is a mess, and the further I stay away from its IT structure, the better off I am.
no subject
Date: 2021-11-11 09:22 pm (UTC)
no subject
Date: 2021-11-11 09:47 pm (UTC)
It's not difficult to do OpSec - for the short term. But invariably they're going to get lazy over time. It takes a lot of self-discipline to maintain it over the long-term, and the longer you're successful, the more overconfident you become, which increases the chance you get sloppy.
no subject
Date: 2021-11-11 10:32 pm (UTC)