The good guys lose out

Feb 23 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter that requires no blue tick.

Today’s hottest cyber security stories:

  • Nice guys phinish last
  • Welcome to Hack-ass!
  • (Die)HardBit ransomware holds data hostage

BAD GUYS TARGET ‘GOOD GUYS’

Good Guys, the popular Australian electronics retailer, suffered indirectly from a cyberattack that took place back in August of 2022, it has announced.

The attack targeted a third-party supplier by the name of Pegasus Group Australia which previously hosted Good Guys’ Concierge service under the name ‘My Rewards’.

Not much of a reward, is it? Getting your personal data hacked, stolen, and potentially published on the world wide web for every man and his dog to see? No thanks, mate.

There really is no honour among thieves, targeting Good Guys like these. Who’s going to be next? Five Guys? Perish the thought.

Decent Blokes hardware store is sleeping with one eye open following these distressing revelations. Fine, we made that part up.

Seriously though, this data dash was no joke. Whoever perpetrated this dastardly heist managed to get hold of the following information from Good Guys members, whose loyalty to the electronics retailer they loved was cruelly exploited:

  • Names
  • Addresses
  • Phone numbers
  • Email addresses
  • Encrypted passwords
  • Dates of Birth

By collecting bits of information like this, criminals can create a portfolio of profiles on targeted customers and can potentially commit identity theft.

To be fair to Good Guys, they are currently contacting affected customers individually to explain what’s taken place. That’s nice of them.

THE CYBER-REVOLUTION WILL BE TELEVISED

Do not adjust your television set… Virgin Media Television in Ireland has fallen victim to a “major hack”, according to the Irish Minister of State.

Despite referring to the attack as an ‘attempted hack’, the Irish broadcaster admitted that its programming would indeed be impacted by it in the coming days.

They chose not to humour with specifics. So, we choose to speculate. Virgin Media Television did clarify that it is not ransomware… Always a relief.

So, what is it? And why/how will it impact programming. We can’t help but picture a Guy Fawkes masked face appearing on screens across the country imploring viewers to remain calm, and listen to instructions.

Well, this is what they said: “Due to the precautions we have implemented there will be temporary effects to the broadcasting of some of our recorded programming on Virgin Media 3, 4, More and VMTV Player.”

It’s possible we’re letting our imaginations run wild.

Hackers targeting television networks isn’t anything new. Indeed, in the past year alone, Vice Media, a PBS station in the US, and the Nikkei Group in Japan, have been attacked.

VICTIM: HOW MUCH DO YOU WANT?

RANSOMWARE: HOW MUCH ARE YOU INSURED FOR?

It wouldn’t be Gone Phishing without a chilling ransomware story to keep you awake at night, would it? And today’s offering has a bit of twist.

Introducing HardBit 2.0

Rather than explain to you what HardBit 2.0 is, we’d like you to experience it. So, imagine you’ve just been locked out of your business’ intranet and the following appears on your screen.

FULL UNEDITED RANSOMWARE PUBLISHED HERE VERBATIM:

Very important! For those who have cyber insurance against ransomware attacks.

Insurance companies require you to keep your insurance information secret, this is to never pay the maximum amount specified in the contract or to pay nothing at all, disrupting negotiations.

The insurance company will try to derail negotiations in any way they can so that they can later argue that you will be denied coverage because your insurance does not cover the ransom amount.

For example your company is insured for 10 million dollars, while negotiating with your insurance agent about the ransom he will offer us the lowest possible amount, for example 100 thousand dollars.

We will refuse the paltry amount and ask for example the amount of 15 million dollars, the insurance agent will never offer us the top threshold of your insurance of 10 million dollars.

He will do anything to derail negotiations and refuse to pay us out completely and leave you alone with your problem. If you told us anonymously that your company was insured for $10 million and other

important details regarding insurance coverage, we would not demand more than $10 million in correspondence with the insurance agent. That way you would have avoided a leak and decrypted you information.

But since the sneaky insurance agent purposely negotiates so as not to pay for the insurance claim, only the insurance company wins in this situation.

To avoid all this and get the money on the insurance,

Be sure to inform us anonymously about the availability and terms of insurance coveragte3, it benefits both of us, but it does not benefit the insurance company. Poor multimillionaire insurers will not

Starve and will not become poorer from the payment of the maximum amount specified in the contract, because everyone knows that the contract is more prescribed in your insurance contract, thanks to our interaction.

The gall of these scammers talking about the ‘sneaky insurance agent’. So, sneaking into someone’s network and locking all the files isn’t sneaky? SCUMBAGS.

These scheming scammers don’t take a day off, do they? They’ve figured out most ransomware attacks are at least partially covered by business insurance.

So, rather than demanding an arbitrary amount of money or crypto from the affected business, it makes much more sense to secretly ascertain from the business what the maximum their insurance company will pay out is, and instead shoot straight for that.

Very clever. And evil… Sweet dreams!

So long and thanks for reading all the phish!

footer graphic cyber security newsletter

Recent articles