Ransomware firms had some basic security flaws that meant victims never had to pay up
A security researcher has revealed how their discovery of some fairly straightforward vulnerabilities in the web dashboards used by “at least three” ransomware gangs saved six companies from acquiescing to a ransom demand.
Vangelis Stykas, a security researcher and Atropos.ai’s chief technology officer, set out on a research project to try and turn the tables on ransomware gangs, which thrive on anonymity thanks to being based on the dark web, as well locking down sensitive data to force a company’s hand.
Yet, while these gangs so often thrive on security flaws in systems to get the access that they need to use files as leverage, Stykas claims that they were able to use code bugs to pass on IP addresses of servers in use by the gangs, as well as uncover decryption keys to be passed on to affected companies.
Ransom epidemic
Despite the advice always being to never pay a ransomware gang a penny if your business is hit by an attack, ransom payments are at a record high. Though larger enterprises are always targets riper for extortion, small businesses have no reason to be complacent, with Strykas pointing out that two of the six known would-be victims were small businesses.
They were able to use existing insecure direct object references (IDORs), vulnerabilities in web applications that allow “sequential” access to data thought inaccessible by external parties, to access chat messages sent by site administrators.
Some, however, were simpler: the Everest ransomware gang used a default password for its SQL databases, and exposing file directories and endpoints that directly revealed attacks in progress.
While this rare win against ransomware companies is still but a drop in the ocean compared to the amount of attacks currently happening, it does show that perpetrators are not infallible, which will hopefully inspire many companies to not give in to any demand.
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Via TechCrunch
More from TechRadar Pro
A security researcher has revealed how their discovery of some fairly straightforward vulnerabilities in the web dashboards used by “at least three” ransomware gangs saved six companies from acquiescing to a ransom demand. Vangelis Stykas, a security researcher and Atropos.ai’s chief technology officer, set out on a research project to…
Recent Posts
- Gallup blocks security flaw which could have led to fake polling data
- GM and EVgo plan more ‘flagship’ EV charging locations that look like gas stations
- The Morning After: Everything we know so far about Nintendo’s next console
- This Apple Watch Series 10 case costs more than an Ultra –and makes it look like a luxury chronograph
- Why NASA is sticking with Boeing
Archives
- September 2024
- August 2024
- July 2024
- June 2024
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- September 2018
- December 2011