Infosec Round-Up Sep 10th

ProtonMail Privacy, Scammer Jailed & Ransomware Threats

This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.

Ransomware Gang Threatens Leaks

The prolific ransomware syndicate Ragnar Locker is warning that should victims contact law enforcement authorities about attacks, stolen data will be leaked.

Announced via the gangs darknet leaks site, the escalation in intimidation tactics reportedly also applies to victims contacting data recovery experts attempting decryption and conducting payment negotiations.

Threatening that these actions will be viewed by the gang as “hostile intent” that will lead to the “publication of compromised data immediately”, this statement is likely a response to the increasingly common request of governments worldwide that victims should not pay ransoms.

Having claimed many high-profile victims in its two years of operation, Ragnar Locker recently demanded $11 million in exchange for the decryption of Japanese game developer Capcom’s systems.

In May of this year, British Home Secretary Priti Patel stated on the matter on ransomware: “the Government has a strong position against paying ransoms to criminals… It will not protect networks from future attacks, nor will it prevent the possibility of future data leaks. In fact, paying a ransom is likely to encourage criminals to continue to use this approach.”

Cyber Security Student Jailed

A UK university student studying cyber security has been jailed for his involvement in a scam in which criminals posing as Amazon technical support stole almost £40,000 from a single individual.

Ramesh Karuturi, 24, who was studying cyber security at Middlesbrough’s Teesside University, was arrested on 11th of June 2020 when around half of the stolen funds were traced to an account held in his name.

Having contacted the victim, a woman in her 60s, scammers told her that her computer had been hacked and convinced her to install ‘protective anti-virus software’, gaining remote access and draining her bank accounts of nearly £40,000.

With investigators referring to the crime as a “cynical ploy”, Karuturi this week pled guilty to charges of conspiracy to defraud and three counts of money laundering, and was sentenced to five months in prison.

Ian Brown, Police Staff Investigator stated on the case, “This case should serve a stark warning… Cleveland Police continue to actively tackle online scams, working to bring perpetrators before the courts and to achieve justice for victims.”

ProtonMail Data Handover

Privacy-focus email company ProtonMail has faced some criticism after handing over user information to Swiss authorities.

Having been compelled to provide account information relating to the arrest of a “climate activist” by French police, some users reportedly feel that the company is failing to live up to its commitment to the privacy expected from its ‘anonymous’ accounts.

Although the company states that it does not keep ordinary logs, this week it clarified that it can be compelled to record IP data linked to accounts, apologising for any lack of clarity on this matter.

In a statement, the company noted, “ProtonMail does not give data to foreign governments; that’s illegal under Article 271 of the Swiss Criminal code. We only comply with legally binding orders from Swiss authorities.” Adding, “There was no legal possibility to resist or fight this particular request.”

Thank you for reading this edition of Infosec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.