Subj : Ransomware firms had some basic security flaws that meant victims To : All From : TechnologyDaily Date : Fri Aug 09 2024 15:45:05 Ransomware firms had some basic security flaws that meant victims never had to pay up Date: Fri, 09 Aug 2024 14:33:59 +0000 Description: In trying to identify the C2 servers behind over 100 ransomware extortion sites to try and identify their operators, a security researcher struck gold. FULL STORY ====================================================================== A security researcher has revealed how their discovery of some fairly straightforward vulnerabilities in the web dashboards used by at least three ransomware gangs saved six companies from acquiescing to a ransom demand. Vangelis Stykas, a security researcher and Atropos.ais chief technology officer, set out on a research project to try and turn the tables on ransomware gangs, which thrive on anonymity thanks to being based on the dark web, as well locking down sensitive data to force a companys hand. Yet, while these gangs so often thrive on security flaws in systems to get the access that they need to use files as leverage, Stykas claims that they were able to use code bugs to pass on IP addresses of servers in use by the gangs, as well as uncover decryption keys to be passed on to affected companies. Ransom epidemic Despite the advice always being to never pay a ransomware gang a penny if your business is hit by an attack, ransom payments are at a record high . Though larger enterprises are always targets riper for extortion, small businesses have no reason to be complacent, with Strykas pointing out that two of the six known would-be victims were small businesses. They were able to use existing insecure direct object references (IDORs), vulnerabilities in web applications that allow sequential access to data thought inaccessible by external parties, to access chat messages sent by site administrators. Some, however, were simpler: the Everest ransomware gang used a default password for its SQL databases, and exposing file directories and endpoints that directly revealed attacks in progress. While this rare win against ransomware companies is still but a drop in the ocean compared to the amount of attacks currently happening, it does show that perpetrators are not infallible, which will hopefully inspire many companies to not give in to any demand. Via TechCrunch More from TechRadar Pro Should ransomware payments be banned? This cybersecurity firm thinks so A notorious ransomware group has received the largest ransom payment ever Weve also listed the best disaster recovery services right now ====================================================================== Link to news story: https://www.techradar.com/pro/security/ransomware-firms-had-some-basic-securit y-flaws-that-meant-victims-never-had-to-pay-up --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .