Brian Krebs offers an in-depth look at a "cashout" service used by ransomware crooks to get money from their victims. Ransomware is malicious software that encrypts your personal files and demands that you pay a ransom for the key to decrypt them; the crooks who run the attacks demand that their victims buy prepaid MoneyPak cards and send the numbers for them by way of payment. But converting MoneyPaks to cash is tricky -- one laundry, which pipes the money through a horse/dog-track betting service -- charges a 60% premium.
* The ransomware victims who agree to purchase MoneyPak vouchers to regain control over their PCs.
* The guys operating the botnets that are pushing ransomware, locking up victim PCs, and extracting MoneyPak voucher codes from victims.
* The guy(s) running this cashout service.
* The “cashiers” or “cashers” on the back end who are taking the Moneypak codes submitted to the cashing service, linking those codes to fraudulently-obtained prepaid debit cards, and then withdrawing the funds via ATMs and wiring the proceeds back to the cashing service, minus their commission. The cashing service then credits a percentage of the MoneyPak voucher code values to the ransomware peddler’s account.
How much does the cashout service charge for all this work? More than half of the value of the MoneyPaks, it would seem. When a user logs in to the criminal service, he is greeted with the following message:
“Dear clients, due to decrease of infection rate on exploits we are forced to lift the price. The price is now 0.6. And also, I explained the rules for returns many times, we return only cheques which return on my side if you cash them out after then we lock the account! There are many clients who don’t return anything, and I will work only with these people now. I warn you.”
Cashout Service for Ransomware Scammers
In Does The Online Card Payment Landscape Unwittingly Facilitate Fraud?, a new paper in IEEE Security & Privacy, researchers from the University of Newcastle demonstrate a technique for guessing secruity details for credit-card numbers in six seconds — attackers spread their guesses out across many websites at once, so no website gets enough bad guesses […]
Michael Geist writes, “The global music industry has spent two decades lobbying for restrictive DMCA-style restrictions on digital locks. These so-called “anti-circumvention rules” have been actively opposed by many groups, but the copyright lobby claims that they are needed to comply with the World Intellectual Property Organization’s Internet treaties. Now the head of the RIAA […]
The smirking, villainous pharma-hedge-douche-bro Martin Shkreli (previously) bought the rights to the anti-parasitic drug Daraprim — used to treat malaria, a disease that disproportionately affects the poorest people in the world — and jacked the price from $13.50/dose to $750/dose.
The Pocket Tripod PRO had massive Kickstarter success in 2013, raising almost $85,000 in a single month. But this isn’t just another case of pre-release product hype. This ingenious little device folds out from a credit-card-shaped plastic slab into a sturdy stand with a surprisingly wide range of motion. In portrait orientation, your phone slides […]
Loot Crate is a totally different kind of subscription service that mails subscribers monthly boxes filled with curated geek, pop culture, and gamer paraphernalia. Its cult following awaits a box every month filled with everything from bobble heads to T-shirts to special edition collectibles. But nothing gets Loot Crate fans as excited as the limited […]
The ARMOR-X Mini Flexible Phone Tripod is a smartphone tripod that is designed with flexible legs to rest on virtually any type of surface. Other tripods have proved useless unless I conveniently have a flat surface in front of me, which is why this particular tripod was appealing enough to try out. The ARMOR-X is compact and easy […]