1 min read

Developer Hacks Back Against Ransomware Attackers and Steals Decryption Keys

Silviu STAHIE

October 09, 2019

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Developer Hacks Back Against Ransomware Attackers and Steals Decryption Keys

A victim of Muhstik ransomware paid the attackers to decrypt his data, and then undertook a different kind of payback – he took revenge by hacking into the server and stealing the decryption keys, only to release them for free to anyone who needed them.

 Successful ransomware attacks rarely end on a satisfying note. Even if the victim pays the ransom and receives a key to decrypt the content, money and time are lost. But at least, in this case, the victim managed to disrupt the attacker”s operation.

Software developer Tobias Frömel explained that his QNAP TVS vNAS Server was compromised by Muhstik ransomware. In total, 14 terabytes of data were encrypted, and he chose to pay a €670 ransom to get it back.

“The Muhstik ransomware is reportedly being used to target QNAP NAS devices. Devices using weak SQL server passwords and running phpMyAdmin may be more vulnerable to attacks,” explains the QNAP advisory. “We strongly recommend that users act immediately to protect their data from possible malware attacks.”

Frömel”s attackers used brute force to bypass the phpMyAdmin credentials, and the path was open. After paying the ransom, Tobias figured out that he can strike back by retrieving the database from the criminal”s server, which contained 2,858 decryption keys.

The developer published all the keys on Pastebin and created a decryptor for anyone affected by the ransomware. Frömel”s actions were technically illegal, but he has since contacted the authorities.

tags


Author



Right now

Top posts

What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Chinese criminals scam kids desperate to play games for more than three hours a week Chinese criminals scam kids desperate to play games for more than three hours a week
Graham CLULEY

August 12, 2022

2 min read
Sophisticated Smishing Attack on Twilio Leads to Employee Credential Leak and Data Breach Sophisticated Smishing Attack on Twilio Leads to Employee Credential Leak and Data Breach
Silviu STAHIE

August 09, 2022

1 min read
Attackers Hit German Chambers of Industry and Commerce; All Digital Services Down Attackers Hit German Chambers of Industry and Commerce; All Digital Services Down
Silviu STAHIE

August 05, 2022

1 min read