ireneista
@ireneista

no, but, that is literally what just happened (and this isn't the first time; there seems to be broad agreement among ransomware organizations that hospitals aren't appropriate targets, although other utilities are)

this has some frightening implications about where the world is headed


NireBryce
@NireBryce

when your ransomware has better policies than your software industry it may be time for reflection


hackermatic
@hackermatic

And that includes risk and compliance management departments.

From an old Money Stuff newsletter (Bloomberg, non-paywalled mirror):

We have talked before about the compliance function at ransomware firms. If you run a legal company, you have a compliance department to make sure that you don’t do anything illegal, or at least, if your company is really big, to keep the illegality within acceptable limits.

If you run a criminal gang, you have concerns that are different in degree but directionally similar: Your whole business is doing illegal things, sure, but you don’t want to do too many things that are too illegal. You want to do crimes that make you money, but not crimes that get you shut down. You want to steal information from rich people and extort money from them. But not Mohammed bin Salman! Good lord!

The rest of it runs like a business, too, including the boring stuff like sysadmin and scheduling:

Each Conti employee was assigned a specific 5-day workweek, and employee schedules were staggered so that some number of staff was always on hand 24/7 to address technical problems with the botnet, or to respond to ransom negotiations initiated by a victim organization.

Like countless other organizations, Conti made its payroll on the 1st and 15th of each month, albeit in the form of Bitcoin deposits. Most employees were paid $1,000 to $2,000 monthly.

However, many employees used the Conti chat room to vent about working days on end without sleep or breaks, while upper managers ignored their repeated requests for time off.

And as you might imagine, customer service is a big deal. If you don't respond quickly to emails, you can't get paid, and if you don't provide working decryption keys, you won't get paid next time.

Which led one cryptographer to speculate whether ransomware operators will embrace Web3. I'll just leave the section headers here for you:

Verifiable key delivery using smart contracts

“Autonomous” ransomware
(hackermatic's note: By abusing "secure enclaves" on processors! Cool! I mean oh no! Who could have predicted this??)

Ransomware Skynet

