Bleeping Computer: They donate $20,000 to Children International and The Water Project. But money comes from ransomware criminal activity, and the organizations won’t keep it.
WebARX : a cybercrime blackmail cam pain asks victims to pay between $1,500 and $3,000 in bitcoins to avoid having their sites’ databases leaked and their reputation destroyed. It’s false!
Last cybercrime frontier is targeting website owners with blackmail messages asking them to pay ransoms between $1,500 and $3,000 in bitcoins to avoid having their sites’ databases leaked and their reputation destroyed. It has been discovered by WebARX cyber security researchers and reported by Bleeping Computer. As the fraudsters falsely claim, they exfiltrate the databases to attacker-controlled servers using credentials harvested after exploiting a vulnerability found within the sites’ software. Unless the ransom is paid, they threaten to leak or sell the “stolen” databases, as well as email the site owners’ associates and customers to destroy the sites’ reputations. Also, they try to further scare their targets into paying out the $2,000 by threatening to de-index the sites from search engines using “blackhat” SEO techniques. The potential victims are asked to pay the ransom within 5 days after receiving the ransomware notifications to avoid having their websites destroyed.
The cyber security experts: Despite the ransom note is well crafted, none of the admins and owners (for the moment) has fallen in to the scam
According to the cyber security experts, what makes this scam special is not the blackmail technique it uses, but the well-written ransom note (with almost no grammar errors) it delivers to potential victims. Fortunately, almost none of the website admins and owners that were contacted by the cybercrime actors fell for their tricks, with only two wallets having received any funds since mid-April when the first reports of this scam have surfaced. However, the fraudsters are quite active as shown by the dozens of reports their targets have submitted on the BitcoinAbuse platform for each of the wallets used in this campaign.