Two Faced Cybercriminals – 2021’s April Fools

Don’t think for one minute that ransomware operators Ziggy and Fonix have grown a conscience! Word on the street is that they have joined forces and are switching sides, claiming “We have come to the conclusion we should use our abilities in positive ways to help others.” They say they’ll be paying bitcoin back to those they have ransomed. In other words, they are leaving their former network of global ransomware buddies and “just looking for a job working on PHOBOS ransomware free decryption tools.”

Unbelievable? Not really. These types feed off victims who are easy targets. Many businesses that they’ve robbed may respond, glad to get anything back for the damages they suffered. Yet no refund amount will fully restore a business’s reputation or the losses from the downtime it experienced. And take note: Ziggy told Bleeping Computer that refunds will be calculated based on Bitcoin value on the day of payment (then, 1 BTC to $39,000). With Bitcoin’s spiked value today, this represents 1 BTC to $59,000. So once again, “criminals turned do-gooders” are making a profit!

Call me skeptical because I am: Ziggy and Fonix are either up to something worse than stealing businesses’ lifeblood even during a pandemic, or simply afraid of being caught by ever-improving collaborative law enforcement endeavors (like the one that brought down Emotet in January of this year). Realize that at any point in their “career”, Ziggy could have done the math and determined that it was both moral and more lucrative to be on the right side. They could have worked for law enforcement or any of the large corporations who hire their own White Hat Hackers to fight incoming cyberthreats. Not so! Ziggy and Fonix founders and staff intentionally chose the lives of Black Hat Hackers. If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck. Do these people really think we believe they will turn on a dime and choose to do the right thing without having been compelled?

Don’t buy it. Here is what to watch for and do with this new ransomware storyline:

· If you’re offered a refund by a group who ransomed you, ignore it! Any interaction with them may open you and your network up to additional breach.

· If you haven’t already, engage in robust cyber-training for you and your staff.

· Require dual authentication on every device your personnel use, on your watch.

· Don’t hit ‘unsubscribe’ on anything that looks suspicious, since it can easily release your proprietary information to tech-savvy criminals using it for unsavory purposes.

The tricks of the cybercrime trade are too many to navigate alone. Save yourself the time, money, and grief of having your data and operations seized or ransomed. Leverage the tools and technology of cyber career specialists – your IT team’s extended arm – to decipher which masked villains are posing as the good guys. That is your cybersecurity partner’s job to do around the clock, so you rest easy!


Data-Guard 365 is an MSSP firm headquartered in Indianapolis, Indiana, with offices in Chicago, Atlanta, and other strategic locations across the globe. The company is a one-of-a-kind business partner whose people, processes, and technology provide armored cybersecurity for a price point that pays for itself. (317) 967-6767

Christopher Zvirbulis
Chief Commercial Officer, Partner