100 hours of his life: a hacker beat ransomware gangs with their own weapon

The specialist prevented cyber attacks on several large companies.

A security researcher has prevented serious financial losses for six companies that might otherwise have become victims of cyber attacks. Vangelis Stykas, technical director of Atropos.ai, discovered vulnerabilities in the infrastructure of several ransomware groups, which allowed him to penetrate the hackers' systems and help the targeted companies.

Two organizations received keys to decrypt their data without having to pay the hackers, and four cryptocurrency companies were alerted to impending attacks before their files were encrypted. All of this was made possible by simple but serious mistakes in the hackers' own code.

Stykas conducted a study aimed at identifying the servers used by more than 100 groups specializing in extortion and data leakage. He discovered several critical vulnerabilities in the web interfaces used by at least 3 ransomware groups. The bugs allowed him to break into the groups' internal systems and gain access to valuable data about their hacking operations.

One of these errors was Everest's use of a default password for access to its SQL databases. Another example was unsecured APIs that exposed the targets of BlackCat attacks. In some cases, the errors revealed the IP addresses of the hackers' servers, which makes it possible to track their real location.

Stykas also exploited an IDOR (insecure direct object reference) vulnerability to gain access to all messages in the Mallox group administrator's chat. The messages contained 2 keys for decrypting data, which Stykas later handed over to the affected companies. The researcher was also able to identify several members of the group.

Among those affected were both small businesses and large cryptocurrency companies valued at more than a billion dollars. Despite this, the companies have not yet publicly disclosed information about the incidents, although Stykas did not rule out that the names of the companies may be made public in the future.

However, despite his success, Stykas also faces negative consequences of his work. He said that over the last 2 years he has begun to receive notifications from Google that government-backed hackers are showing interest in him. This suggests that the researcher's actions are causing concern among cybercriminals.

Although attacks on ransomware sites can bring some results, Stykas emphasizes that this is not the most effective way to combat cyber threats. Such operations can be useful for governments or large companies with significant resources; for ordinary users, they are rather a waste of time. In the course of this work, Stykas spent about 100 hours of his free time on such attacks.
