Bitcoin extortion, revealing underground rivers and lakes that you don’t know

The birth of Bitcoin gave rise to some new industries, which brought huge returns to some participants. A group of people also took a fancy to Bitcoin's anonymity and untraceability.

According to statistics, after 15 years, there have been many ransomware incidents around the world. The hackers have received returns of hundreds of thousands of dollars, and in many cases billions of dollars.

Victims of similar incidents include the US HBO, the rights of the game crew, and the shipping giant Maersk. The country most seriously affected by all these incidents is the United Kingdom, where the ransom virus directly left the computers and telephones of the British public medical system unable to work normally. Important information such as patient medical records, surgical arrangements, prescriptions, and test results could not be retrieved.

Just last week, a ransomware team called GandCrab announced that it has earned more than $2 billion in the past year and a half, and will now stop updating and shut down this malicious program.

A profit as large as $2 billion would be enough for many listed companies. Interestingly, this ransomware also has a nickname: the Grand Theft Auto.

The origin of "Grand Theft"

The GandCrab ransom virus was born in January 2018 and is a new type of bitcoin ransomware. In the following months, it quickly became a "newcomer" in the virus world.

On October 16, 2018, a Syrian father named Jameel posted a message on Twitter. Jameel said his computer had been infected with GandCrab V5.0.3 and its files encrypted. He could no longer see the photos of his younger son, who lost his life in the war, because he couldn't afford to pay a "ransom" of up to $600.

When the GandCrab ransomware maker saw it, he immediately issued an apology stating that he had no intention of infecting Syrian users, and released the decryption keys of some infected Syrian users.

GandCrab followed up with the V5.0.5 update, which added Syria and other war-torn areas to its “white list” of areas. In addition, if GandCrab detects that the computer system is using the Russian language, it stops the intrusion. Security experts have speculated that the virus author is Russian.

Subsequently, many people formed a good impression of the GandCrab team and called it "Grand Theft Auto". But GandCrab's behavior can't be called "legitimate": the team shows no such kindness to people in other countries, and it also chooses to treat China and South Korea as important targets.

Guarding against ransomware attacks

Generally speaking, when a ransomware strain has just come out, no tools against it will be available on the market for some time. Some viruses have still not been cracked even after a few weeks. Therefore, the defence against such viruses can only be based on prevention.

In general, the attack method most used by ransomware is email.

The attacker sends the victim an email telling them to report to the police station. After the victim downloads and opens the attachment, the Grand Theft Auto encrypts the data on the user's hard drive and directs the victim to a specified URL to download the Tor browser, then to log in through that browser and pay the ransom in the cryptocurrency payment window.

As for how the Grand Theft Auto virus spreads, the DVP blockchain security team believes it may also use "web-hanging attacks": the attacker first compromises a poorly protected website, and users who then visit that website are attacked in turn.

More advanced viruses use operating system vulnerabilities to launch attacks on users. For example, in 2017, a "worm-like" ransomware called WannaCry spread around the world.

This form of attack is even more frightening: you may be infected without taking any action at all.

Technical experts later explained that as long as a Windows device has file-sharing port 445 open, the virus can spread and replicate between computers on the same network, forming a chain-like spread, and the hacker can implant ransomware, remote control Trojans, virtual currency mining programs and other malicious programs on computers and servers.

The virus then demanded a payment of $300 worth of bitcoin to unlock the files. Although I don’t know how much the team extorted at the time, its impact was far greater than that of the Grand Theft Auto virus. Therefore, the money it extorted was also a high sum!

To sum up

In recent years, attacks involving cryptocurrencies have increased, and security incidents have occurred frequently. Although the Grand Theft Auto ransomware incident is over, the security issue is not. I don't know how many underground teams like Grand Theft Auto have come out, so you must prepare as early as possible, otherwise the next victim may be you.

Here are some suggestions for preventing a ransomware attack:

For enterprise users, there are two main situations. One is that the files on the enterprise server get encrypted: security patches should be applied to the server in time, weak passwords should be avoided, and unnecessary ports should be closed.

The other is that files on office machines get encrypted: the interception of phishing emails should be strengthened, employees should be reminded not to open emails of unknown origin, and the security software should be kept running.

Individual users need to be alert to emails of unknown origin, keep the security software running, repair computer vulnerabilities in a timely manner, develop good online habits, and not use tools such as plug-ins and other high-tech points.

Ordinary users cannot guard against system vulnerabilities in time, so it is necessary to develop the habit of backing up important files. Use USB flash drives, hard disks and other storage media to back up important files, and plan ahead before trouble happens.
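The advice above to close unnecessary ports, and the role of file-sharing port 445 in the spread of WannaCry, can be checked on a Windows machine from the output of `netstat -ano`. The following is an added example, not code from the original article: the sample output is constructed, and the function names and the port allowlist are assumptions made for illustration.

```python
import ipaddress

# Constructed sample of Windows `netstat -ano` output (not taken from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       900
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:5939         0.0.0.0:0              LISTENING       3120
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:50312     203.0.113.7:443        ESTABLISHED     5520
  TCP    [::]:445               [::]:0                 LISTENING       4
  TCP    [::1]:49670            [::]:0                 LISTENING       2888
  UDP    0.0.0.0:5353           *:*                                    1500
"""

def parse_listeners(netstat_text):
    """Return (address, port, pid) for every TCP socket in LISTENING state."""
    listeners = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue  # headers, UDP rows and established connections
        host, _, port = fields[1].rpartition(":")
        # IPv6 addresses are bracketed and may carry a %zone suffix.
        addr = ipaddress.ip_address(host.strip("[]").split("%")[0])
        listeners.append((addr, int(port), int(fields[4])))
    return listeners

def unexpected_listeners(netstat_text, allowed_ports=frozenset()):
    """Listeners reachable from the network whose port is not on the allowlist."""
    findings = []
    for addr, port, pid in parse_listeners(netstat_text):
        if addr.is_loopback:  # bound to 127.0.0.1 or ::1 only
            continue
        if port not in allowed_ports:
            findings.append((str(addr), port, pid))
    return findings

def smb_exposed(netstat_text):
    """True if TCP 445 (file sharing) listens on a non-loopback address."""
    return any(port == 445 and not addr.is_loopback
               for addr, port, _ in parse_listeners(netstat_text))

if __name__ == "__main__":
    # Port 135 is allowed here purely as an illustrative allowlist entry.
    for addr, port, pid in unexpected_listeners(SAMPLE_NETSTAT, allowed_ports={135}):
        print(f"review: {addr}:{port} (PID {pid})")
    print("port 445 exposed:", smb_exposed(SAMPLE_NETSTAT))
```

Each finding is a port to review against what the machine actually needs to serve; the PID column identifies the owning process.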

Author: Sponge

Source: Block wave
