Ukrainian Hacker Admits Role as Nefilim Ransomware Affiliate

johny899

When I hear this story of a Ukrainian hacker confessing to being part of the Nefilim ransomware organization, I feel that it is not a movie plot, but is really telling me to beware. This is an example of how everyday talents can quickly become dangerous cybercriminals.

So what did he do?

What Does "Ransomware Associate" Mean?

When we think of a hacker, we usually picture a lone crazy genius typing away in a dark space. But this particular hacker was not the leader of the operation; he was an acquirer affiliate who worked closely with the Nefilim.org ransomware company, which had all the tools to create ransomware.

His responsibility was obtaining access. He would hack into companies' systems and then hand control over to the Nefilim organization. Have you ever noticed how, when tasks are shared by people in criminal organizations, it makes their crime operations much more efficient?

Methods Used During Attack

The overall method used to execute the attacks was an uncomplicated, yet repeatable process, which is why it is so frightening.

The overall methods can be outlined as follows:
  • Access a company network
  • Encrypt essential files in order to disable company operations
  • Request a ransom
  • Threaten to leak the encrypted files unless the ransom is paid
The affiliate receives a commission from the ransom paid, which provides extra incentive to continue participating in this activity.

Importance of This Case

As a long-time follower of cybercrime news, this case is significant to me. Law enforcement was able to track an online hacker from another country, arrest him and bring him to the US.

Many individuals still believe that there is no punishment for ransomware crime and this case clearly contradicts that position.

Overall Lesson for Everyone

From a business perspective, this case illustrates that good security practices are essential. If your company has weak passwords and/or has not patched its systems, you are giving your affiliates the opportunity to take advantage of that weakness. Why give them the opportunity?

From a tech fan's perspective, it is a lesson that one has the responsibility to use their knowledge and skills in an ethical and responsible manner.