Cyberpolice tracked down Ukrainian ransomware hacker who committed crimes in Germany
As reported, a Ukrainian ransomware hacker planted the Rapid (VI) Trojan program in the IT systems of four German companies. And encrypted all important documents and data with it. In contacting employees of these companies by e-mail, he offered to restore the data.
The Ukrainian ransomware hacker request is to pay for the restoration in bitcoins, in the equivalent of 2 thousand US dollars (if there is a money transfer within 2 days). If there are delays in the transfer of money, the cost of decryption will automatically rise to 5 thousand dollars.
To confirm that he is able to keep his promise, the hacker sent in several decrypted files.
Most of the law-abiding Germans did not negotiate with the extortionist and turned to the competent authorities. And only an employee of a private design bureau tried to fulfill. The requirements of the extortionist and sent him 0.25 BTC ($ 2002.00). Despite this, the hacker never fulfilled his promise.
After analyzing all the facts and data, the German police came to the conclusion that although the email. The addresses from which they wrote to the companies were different, all these cases have similar handwriting. The same message text and the same version of the Trojan program. Despite the fact that at the time of the incident there were already more recent versions. Consequently, the Germans came to the conclusion that in all episodes the same person or a group of people appears.
Using telecommunication tracking methods, law enforcement officers found the IP addresses. The attacker accessed the mail server and correspondence. Most of the traces go back to typical TOR and VPN anonymization servers. Where the traces were cut off and the investigation was not able to move in this direction.
However, some of the connections were made from Ukrainian IP addresses.
At first, these cases were isolated, but later they became more frequent. Investigators concluded that these addresses were not encrypted as a result of the anonymizer failure. And are the attacker’s real IP addresses?
As a result, on the basis of Art. 29 of the Convention on Cybercrime, the German Federal Criminal Police Department requested. The so-called “pre-storage” of all the credentials of a number of Ukrainian Internet providers.
Based on this request, the Svyatoshinsky Court of Kyiv ruled to provide access to the data of these Internet providers. Since they are essential in determining who was the user the suspected. IP addresses during the required period of time.
If, before September 5, 2020, the providers do not voluntarily provide the data of interest to the investigation. The court gave the police the right to temporarily seize the companies’ servers and documents.
Henceforth, WE WISH TO ANNOUNCE THAT OUR SERVICES ARE NOT AVAILABLE TO PEOPLE FROM NIGERIA AND INDIA. THESE ARE USELESS TIME WASTERS AND THIEVES TRYING TO BEG OR SCAM US OF OUR PRODUCTS. OUR SERVICES ARE NOT FREE AND PAYMENT IS UPFRONT
A LOT OF FOOLS FROM NIGERIA AND INDIA. on the off chance that YOU DON’T TRUST TO USE OUR SERVICES, DON’T CONTACT US AS WE HAVE NO FREE SERVICE
HI BUYERS, WE ARE A PROFESSIONAL CARDING AND HACKING TEAM. HOVATOOLS HAS BEEN AROUND SINCE THE TIME OF EVO MARKET, ALPHABAY, WALLSTREET MARKET AND MORE. WE REMAIN STRONG AND RELIABLE IN THE INDUSTRY, ALWAYS PROVIDING YOU WITH THE BEST QUALITY TOOLS TO HELP YOU MAKE MONEY AND MAXIMIZE PROFIT IN THE FRAUD GAME.
Buy Fresh Credit Cards for Carding, BIN LIST Buy Bank Login, RDP, Buy Hacked Paypal accounts. Contact us to buy all tools and carding software. CLICK HERE TO VISIT OUR SHOP
Buy Socks 5, Email Leads, Buy Latest CC to Bitcoin Cashout Guide, Buy Hacked Zelle transfer , Western Union Money Transfer Hack, Buy Hacked Money Transfer service to your bank account.
Enroll for Paid private Carding Class.