Tech

The police tricked a ransomware gang into handing over its decryption keys. This is how they did it


getty-two-men-using-a-computer-a-late-night-in-an-office

Image: Getty

Police tricked a ransomware gang into handing over decryption keys, giving victims the ability to unlock their encrypted data for free.

Working with cybersecurity company Responders.NU, Dutch national police obtained 150 decryption keys from ransomware Closing group.

With the decryption keys now in the hands of law enforcement, some of the victims of Stop ransomware attacks can access encrypted files and servers without having to pay cybercriminal blackmailers.

According to Dutch Police, Deadbolt ransomware attacks focus on network connection-attached storage (NAS) and encrypted over 20,000 QNAP and Asustor devices around the worldwith at least a thousand of them in the Netherlands.

Also: Ransomware: Why is it still a big threat and where are gangs going next?

Police tricked Deadbolt by paying Bitcoin for the decryption keys, receiving the keys, then withdrawing the ransom – leaving the cybercriminals without their payment after they had provided it to police and researchers network security. decryption key to assist victims of attacks.

Describing it as an “unpleasant blow” to cybercriminals, Dutch Police said the operation proves to cybercriminals that they are “under the radar of international law enforcement agencies”. economy” and “their efforts to move criminal income are not without risk”.

In total, Dutch Police obtained 150 keys, allowing nearly 90% of Deadbolt victims who reported attacks to law enforcement to get their files back for free – and appeal to victims. victims of ransomware attacks go ahead for help.

Matthijs Jaspers of the Dutch National Police’s Cybercrime Team said: “This action clearly shows that reporting helps: victims who have reported ransomware take precedence. Their key lies. among the first we got, before the ransomware group panicked,” said Matthijs Jaspers of the Dutch National Police’s cybercrime group.

“On the part of the international victims, we were able to obtain the keys of all the Dutch victims who filed the complaint and informed them in the evening,” he added.

This action followed advice from Responders.NU, a Dutch cybersecurity company, and involved several police departments.

Support is also provided by the Public Prosecutor’s Office, Europol, the French National Police and the French Gendarmerie.

Ransomware continues to be a major cybersecurity problem because in many cases victims are forced to pay ransom for decryption keys.

Users should regularly update their offline data backups to avoid paying a ransom for that data. However, the best course of action is to avoid becoming a victim of ransomware in the first place, especially since it is so common among people. cybercriminals to steal and leak data taken from victims.

Steps that can be taken to improve cybersecurity and avoid becoming a victim of ransomware – or other cyberattacks – include apply security patches in a timely manner and use multi-factor authentication to secure the account against unauthorized access.

MORE ABOUT CYBERSECURITY

news7f

News7F: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, Sports...at the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

Back to top button