According to a report by Catalin Cimpanu at The Record, authorities in South Korea have filed charges against employees at a computer repair store.
What are the nine charged employees of the unnamed company based in Seoul alleged to have done? Created and installed ransomware onto the computers of their customers, netting more than 360 million won (approximately US $320,000.)
The report says that South Korean police claim the extortion scam began last year, after companies contacted the repair firm hoping to receive assistance in dealing with ransomware infections that had encrypted their systems.
The repair firm reportedly initially assisted victims, helping them negotiate and pay ransoms to retrieve data garbled by the attacks. However, according to The Record, “in at least 17 incidents, the employees modified ransom notes to inflate the original ransom demands in order to obtain larger funds from the victimized companies.”
In some cases the ransoms are said to have been increased ten-fold, allowing corrupt technicians to make large profits when victims agreed that a ransom demand should be paid.
That would be bad enough, but it is further claimed that technicians at the repair store installed a remote access backdoor on customers’ computers they helped recover from attacks, and would use it to launch their own ransomware attacks.
Ultimately, according to reports, the rogue staff would plant ransomware onto the computers of any customers – even those who didn’t bring their computers in due to a ransomware problem.
If there’s one thing that I thought ransomware gangs had learnt in recent years it was not to target organisations on your doorstep.
Just look at the amount of ransomware believed to originate from certain parts of Eas ..
Support the originator by clicking the read the rest link below.
