According to the Ukranian cyber police, an unnamed man infected a bunch of his websites with Wannacry-like malware.
Police Search Reveals Intentional Infection
An unreliable Google translation makes it sound as if the man’s home had been invaded and police were investigating when they discovered his activities. Google’s translation reads:
While conducting searches in the apartment of an intruder, law enforcement officers removed the computer hardware of the attacker, bank cards, additional information carriers, and draft records. All seized is sent for examination.
However, CCN got hold of a native Russian speaker, Oleg Onishchuk, who says it reads more like:
During carrying out searches in the apartment of the violator, representatives of law enforcement agencies withdrew computer equipment of the offender, Bank cards, additional media, and drafts. All withdrawn is sent for examination.
This translation makes the situation more clear: police were investigating the unnamed individual and seized his computer equipment as part of the investigation. Once caught, they discovered he’d infected a number of his own websites with Wannacry-like malware in order to profit illegally.
Over 1 Million Users Per Month Exposed
Cryptojacking and ransomware have largely faded out of the public mindset, as anti-virus software has been updated to combat it mostly. However, there are several later versions of all major attack suites roaming in the wild, and unprotected web surfers may still be victimized.
Police say the man operated a number of informational websites, all of which he used to infect visitors with Wannacry or other forms of cryptojacking software. He faces up to 6 years in prison as per Ukranian anti-hacking laws. The sites were estimated to have up to 1.5 million visitors per month, which means the odds of the attacker earning something from his efforts are high.
Ukraine has been the target of numerous ransomware campaigns in the past, according to some outlets.
The police announcement doesn’t provide many other details of the investigation. It doesn’t discuss how much the alleged attacker may have earned in his criminal pursuit or how many computers he managed to infect, for example.
Some cryptocurrency-related malware campaigns are estimated to have earned billions of dollars a few years ago. Law enforcement agencies around the world took the issue very seriously and numerous arrests have been made. Ransomware, in particular, which is the locks the owner out of his computer until a ransom is paid, has stung numerous public agencies.
Most recently, the public defenders’ organization in Boston was targeted with a ransomware attack. They were able to “thwart” the attack by using their own backups, but effectively the attack took them offline for weeks.