In a Bleeping Computer forum post on your Oct. 7, Frömel says he had hacked the attackers’ database, sharing almost few, 000 decryption keys effectively free decryptor with partner victims.
German programmer Tobias Frömel (aka “battleck”) also has “hacked back” the perpetrators of the Muhstik ransomware who all forced him to pay 0. 09 Bitcoin ( BTC ) to recover access to his movies.
Any illegal but sweet retribution
Bleeping Program previously reported that openly exposed QNAP NAS implements have been targeted by ransomware dubbed Muhstik. The attackers extorted a fixed “fee” linked 0. 09 Bitcoin – roughly $740 at will time – from patients to recover access to their personal data via decryption keys.
Having himself released €670 to the Muhstik perpetrators, Frömel hacked back its command and control computer. He told Bleeping Desktop computer that he had succeeded by retrieving the unique Hardware IDs (HWIDs) and decryption suggestions for getting started for the 2, 858 Muhstik victims stored in the attackers’ database.
People have since confirmed when BleepingComputer’s Muhstik support and help forum that the HWIDs are probably accurate and that the decryptor works out.
Having have been successful in his task, Frömel conceded that his action was first illegal, but argued it absolutely was well-intentioned. He also introduced a Bitcoin wallet address for fellow victims to assist you to tip him for well recognized labor.
Ever since Frömel’s work, anti-virus service provider Emsisoft has released decryption software for victims managing ARM-based QNAP devices, knowning that reportedly were not supported in Frömel’s release.
A growing threat
Last month, Emsisoft also released a new free resolution for the Bitcoin-demanding ransomware WannaCryFake.
In August, Cointelegraph accused that McAfee Labs’ research indicating that ransomware attacks had increased with 118% in the first quarter of 2019.