Another chancer tries to pull an inside ransomware job.

May 25 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter that tackles the tough jobs. Like writing Rolf Harris’ obituary ????

Today’s hottest cyber security stories:

  • Another chancer tries to pull an inside ransomware job… Didn’t work out lol.

  • Suzuki motorcycle plant in India shut down by cyberattack

  • Cuba ransomware claims cyberattack on Philadelphia Inquirer


This is a bit of fun and similar to one we covered last week. We have ourselves a real-life cyber-drama unfolding in the UK!

Picture this: a 28-year-old chap from Fleetwood, Hertfordshire, decided to put his IT skills to some mischievous use. Brace yourselves for the tale of Ashley Liles, the IT Security Analyst turned cyber trickster extraordinaire.

Flashback to February 2018, where our protagonist, Ashley, was working his IT magic at an Oxford-based company. Little did they know, trouble was brewing in the digital depths.

Yep, you guessed it—a nasty ransomware attack came knocking at their virtual doorstep. The company's executives were sweating bullets as those sneaky threat actors reached out, demanding a hefty ransom payment.

Now, here's where things take a twist. Ashley, being part of the company's internal investigation and incident response team, had a front-row seat to all the cyber mayhem. But instead of being a hero in the digital battlefield, he hatched a cunning plan. While working alongside his unsuspecting colleagues and the police, Ashley saw an opportunity to line his own pockets.

Instead of helping the company fend off the external attacker, he decided to play both sides. He concocted a scheme to trick his own employer into paying him a ransom, all while pretending to fight the good fight against the original cyber intruder. Talk about biting the hand that feeds you!

However, Ashley's greedy ploy didn't go unnoticed. The South East Regional Organised Crime Unit (SEROCU) swooped in, delivering justice.

Yesterday, a press release revealed that our cyber-trickster had been convicted of unauthorised computer access with criminal intent and blackmailing his employer. The curtain fell on Ashley's grand cyber performance.

Karma’s a bitch, Ash.


Suzuki, go to the well… and fetch the ransom ???? Kidding aside, we don’t know whether or not this latest cyberattack on a Suzuki motorcycle plant in India is another case of ransomware.

But it does have some of the hallmarks of a ransomware attack. The factory has been completely shut down by the cyberattack and the company has kept very tight-lipped about the nature of the attack, only acknowledging that one did indeed take place.

What Suzuki said:

“We are aware of the incident and have promptly reported the same to the concerned Government department. The matter is currently under investigation, and for security purposes, we are unable to provide further details at this point in time.”

Wow, enlightening.

So, yeah these scumbag scammers have forced Suzuki to slam the brakes on manufacturing.

Since May 10, the production lines at Suzuki Motorcycles’ Indian plant have come to a screeching halt, leaving the poor bikes and scooters hanging in mid-air like it’s 2016 again and they’re doing the mannequin challenge.

Rough estimates suggest that a whopping 20,000 vehicles have been caught in this cybernetic whirlwind, unable to make their grand debut on the open roads. It's like a biker's worst nightmare—being stranded without a motorised steed to conquer the tarmac.

But the cyber mayhem didn't stop at just shutting down the plant. Oh no, it had grander plans in mind. Suzuki Motorcycle had to go and postpone its annual supplier conference, leaving all those eager suppliers scratching their heads and wondering if they'll ever get a chance to show off their shiny new components.

So, yeah the question on everyone’s lips is: was this "cybersecurity incident" a ransomware attack. We think yes. And, if it is, will they pay the ransom? We think yes, again. On the sly.

Watch this space.


Cuba Gooding Inquirer. Lol. Strap in, folks, it’s yet another ransomware story. And this one is a doozy.

For those who don’t know, Cuba is a pretty successful ransomware hacking group. In fact, Cuba has managed to extort $43.9 million from victims, according to the FBI. So yeah, pretty f*cking serious.

The notorious Cuba ransomware gang just couldn't resist the temptation to wreak havoc, and this time, their target was none other than Philadelphia's beloved newspaper, The Philadelphia Inquirer.

Indeed, on May 14th, chaos ensued. The Inquirer had to shout, "Stop the presses!" quite literally because they were under attack. Cyberattack.

Those sneaky hackers forced the newspaper's IT team into action, pulling the plug on their computer systems faster than you can say "breaking news.

The cyber ninjas at The Inquirer knew they had to act swiftly to keep the attack from spreading like wildfire. So, they went full-on lockdown mode to protect the integrity of their information.

Yep, journalism marched on, just with a tiny detour. And hey, if anything, this incident reminded us that even newspapers have to face off against high-tech adversaries.

Who said news was a snooze? Seriously though, this looks pretty bad. Ransomware is getting out of hand as today’s newsletter illustrates.

Maybe we should all follow Australia's lead and make paying the ransom illegal… Just a thought.

So long and thanks for reading all the phish!

Recent articles