17 comments

[ 3.1 ms ] story [ 50.6 ms ] thread
Maybe that's why Bitcoin transactions are up.

It should be possible to follow the money. Bitcoin is only semi-anonymous. If you have a large number of transactions to track, it should be possible to figure out where the money is going.

Yeah you can track it all the way to the country that doesn't give a shit.
That's what drones are for.
Are you suggesting using extra judicial killings against non violent offenders?
*Note - I'm not endorsing droning ransomware dirtbags

Wars have and will be fought over economic sabotage, with "non-violent offenders" inciting them. At some point it is possible that cybercrime could become enough of a problem that it would have dramatic effects on a nation's economy, then it's only a small step away from said country taking matters in to it's own hands.

Not if they mix the coins, and anyone employing ransomware will be using a mixer.
I remember seeing some articles that show that mixers and tumblers are not as anonymizing as they promise to be, but can't track them down now.

Not to mention, it only takes a single mistake.

If there are enough transactions, you can follow the money through a mixer. You'll see coins going into the mixer, and, after a while, items that sum to the same amount minus the laundering fee coming out. It's statistically noisy, but that's what big data is for.
Transactions can be traced through mixers and there are several companies offering solutions to the problem mixers introduce.
Modern world eh? I guess ransomware pays most.
The lesson here is that you should backup your files on a cloud storage service that has version history for all files, preferably for a period longer than 30 days.
Anybody have recommendations for decent providers of such backup services?
Out of band.

You don't want crypto-ransomware able to get to your keys to the backups.

You should back up your critical files somewhere else than in a place where someone can wipe them, preferably off-line.
Cloud backups don't suit every scenario though. The video editing studio here got a new 40TB storage device and filled it in months, and are talking about going bigger next time. They are struggling on rural Australian internet with a service that varies between 10 and 2mbit depending on the weather, often with high degrees of packet loss.

Multiple "experts" have walked through the door and demanded they move all backups to various cloud based services. Trying to tell people that some great solutions aren't always great for every scenario is like talking to a wall.

Notably, the top 3 ransomware tools they mention are Windows only (Locky, TeslaCrypt, CryptoWall). And that's not just because of platform popularity.

There was recently a case of Mac ransomware (KeRanger) but it was not via a phishing email. It was considerably harder to distribute because Mac users can't simply run unsigned software downloaded from the internet (by default). The attacker got control of an app developer signing certificate and hijacked their software update to deliver the ransomware. It was halted as soon as the the certificate was revoked.