Frame-14

Privacy Ninja

        • DATA PROTECTION

        • Email Spoofing Prevention
        • Check if your organization email is vulnerable to hackers and put a stop to it. Receive your free test today!
        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • AntiHACK Phone
        • Boost your smartphone’s security with enterprise-level encryption, designed by digital forensics and counterintelligence experts, guaranteeing absolute privacy for you and up to 31 others, plus a guest user, through exclusive access.

        • CYBERSECURITY

        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$3,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Secure your digital frontiers with our API penetration testing service, meticulously designed to identify and fortify vulnerabilities, ensuring robust protection against cyber threats.

        • Network Penetration Testing
        • Strengthen your network’s defenses with our comprehensive penetration testing service, tailored to uncover and seal security gaps, safeguarding your infrastructure from cyber attacks.

        • Mobile Penetration Testing
        • Strengthen your network’s defenses with our comprehensive penetration testing service, tailored to uncover and seal security gaps, safeguarding your infrastructure from cyber attacks.

        • Web Penetration Testing
        • Fortify your web presence with our specialized web penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats.

        • RAPID DIGITALISATION

        • OTHERS

Ransomware Admin Is Refunding Victims Their Ransom Payments

Ransomware Admin Is Refunding Victims Their Ransom Payments

After recently announcing the end of the operation, the administrator of Ziggy ransomware is now stating that they will also give the money back.

It appears that this is a planned move since the admin shared the “good news” a little over a week ago, but gave no details.

Shutdown followed by money-back move

Ziggy ransomware shut down in early February. In a short announcement, the administrator of the operation said that they were “sad” about what they did and that they “decided to publish all decryption keys.”

They followed through the next day, on February 7, offering an SQL file with 922 decryption keys that victims could use to unlock their files.

The admin also made available a decryption tool to make the process easier, along with the source code for a decryptor that does not need an internet connection to work.

On March 19, the Ziggy ransomware administrator said that they also wanted to return the money to the victims that paid the ransom. Today, after a week of silence, the admin said that they were ready to revert payments.

Victims should contact the admin at a given email address ([email protected]) with the proof of their payment in bitcoin and the computer ID, and the money would be returned to the victim’s bitcoin wallet in about two weeks.

Also Read: 4 Best Practices On How To Use SkillsFuture Credit

Returning the ransom and making a profit

Ransomware victims get a ransom note with instructions on how to contact cybercriminals to negotiate a payment. Typically, the payment is negotiated in fiat but paid in Bitcoin.

Bitcoin price has been on ascending route for the past three months, and its price at the moment of writing is close to $55,000.

On the day Ziggy ransomware decryption keys became public, Bitcoin price was around $39,000. Five days before the admin announced that they would return the money, Bitcoin spiked above $61,000. Given the price difference, the admin makes a profit at the current Bitcoin price.

The Ziggy ransomware administrator told BleepingComputer that they lived in a “third-world country” and that their motivation for creating the locker was financial.

Also Read: 3 Reasons Why You Must Take A PDPA Singapore Course

The admin’s recent actions seem to be driven by guilt and the worry that law enforcement might get them, given the disruption of much larger operations like Emotet and Netwalker ransomware.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us