Wednesday, July 15, 2020

How to spot a fake hacker?

There are some common clues. Hacking groups have garnered worldwide notoriety for their ability to exploit ransomware to make dollars.

The methods are simple: they send a ransom note explaining that the gentle attack they've unleashed on your network will stop if you hand over a sum of money in the form of bitcoin. Rather helpfully, they also explain how to set up a bitcoin account if you've never come across the currency before.

These groups are famous for their attacks, so people take the threat seriously and pay the ransom. That's usually when the trouble starts: rather than cease, the attack intensifies and the impact is usually devastating. As you can imagine, the efforts of these organised groups have got them into hot water and arrests have been made. This effectively shut down groups like Lizard Squad at the end of last year. That was a significant moment in hacking history.

Firstly, the deadline set in the letters passed without any attack taking place. When a second wave of letters was sent to different targets, the suspicion that something odd was going on was confirmed.

There were subtle differences in the way the notes were written when compared to ones we'd seen before, allowing our team to conclude the letters were fake. To the untrained eye you wouldn't know. But once the differences are pointed out, and you see how the approach overall is different, it's obvious.

It marked a watershed in the proliferation of ransomware. The global landscape for ransom attacks really quietened down. That was until the first week of May, when our Emergency Response Team detected a spate of ransom letters being sent. They claimed to be from Armada Collective, and the emails had all the hallmarks of the real deal. But there was something fishy going on: when they were outed by security specialists, they switched track and became Lizard Squad. There were other warning signs too.

There are five signs to remember:

1. Money. Fake hackers request different amounts of money. Armada Collective normally requests 20 bitcoins. Ransom letters asking for a low number of bitcoins are most likely from fake groups hoping their price point is low enough for someone to pay rather than seek professional assistance.

2. Prowess. Real hackers prove their competence by running a small attack while delivering a ransom note. If you can see a change in your network activity, then it's probably genuine.

3. Disorganization. The fake hackers don't link you to a website because they don't have one. They also don't have official email accounts, a good sign they are not organised.

4. Haphazard approach. Real hackers tend to attack many companies in a single sector. Fake hackers target anyone and everyone. You'll tend to see on social media when other companies in your sector are also being hit.

5. Spot the difference. There are subtle differences between a real and a fake ransom note, as can be seen in the images here. Setting aside grammar and quality of English, you can spot a fake once you've dealt with a lot of genuine notes. It takes practice, so if in doubt send it to a specialist to review.
