German programmer Tobias Frömel “hacked back” the perpetrators of the Muhstik ransomware who forced him to pay 0.09 BTC.
German programmer Tobias Frömel (aka “battleck”) has “hacked back” the perpetrators of the Muhstik ransomware who forced him to pay 0.09 Bitcoin (BTC) to recover access to his files.
In a Bleeping Computer forum post on Oct. 7, Frömel revealed that he had hacked the attackers’ database, sharing almost 3,000 decryption keys and a free decryptor with fellow victims.
An illegal but sweet revenge
Bleeping Computer previously reported that publicly exposed QNAP NAS devices have been targeted by ransomware dubbed Muhstik. The attackers extorted a fixed “fee” of 0.09 Bitcoin — roughly $740 at press time — from victims to recover access to their data via decryption keys.
Having himself paid €670 to the Muhstik perpetrators, Frömel hacked back their command and control server. He told Bleeping Computer that he had succeeded in retrieving the unique Hardware IDs (HWIDs) and decryption keys for the 2,858 Muhstik victims stored in the attackers’ database.
Victims have since confirmed in BleepingComputer’s Muhstik support and help forum that the HWIDs are accurate and that the decryptor works.
Having succeeded in his task, Frömel conceded that his action was illegal, but argued that it was well-intentioned. He also provided a Bitcoin wallet address for fellow victims to tip him for his labor.
Since Frömel’s work, anti-virus firm Emsisoft has released decryption software for victims running ARM-based QNAP devices, which reportedly were not supported in Frömel’s release.
A growing threat
Last month, Emsisoft also released a new free fix for the Bitcoin-demanding ransomware WannaCryFake.
In August, Cointelegraph reported that McAfee Labs’ research indicating that ransomware attacks had increased by 118% in the first quarter of 2019.
Source: , CoinTelegraph
Articles listed with Cash Tech News as the author are either general information, or may have been imported from another website, to bring our readers a rich media experience that encompasses articles that we find interesting, as well as those curated by others.
The views and opinions expressed here are for informational purposes only, and should not be confused with professional financial advice. These opinions are solely those of the author and do not necessarily reflect the views of CashTechNews.com. Every investment and trade involves risk. You should conduct your own research, and contact your professional financial advisor before making any investment.
Corrections, feedback, and ideas should be submitted through the website contact form.