{"id":66,"date":"2021-10-02T14:32:59","date_gmt":"2021-10-02T18:32:59","guid":{"rendered":"https:\/\/community.mis.temple.edu\/mis5211sec002fall2021\/?p=66"},"modified":"2021-10-24T13:49:14","modified_gmt":"2021-10-24T17:49:14","slug":"wanted-disgruntled-employees-to-deploy-ransomware","status":"publish","type":"post","link":"https:\/\/community.mis.temple.edu\/mis5211sec002fall2021\/2021\/10\/02\/wanted-disgruntled-employees-to-deploy-ransomware\/","title":{"rendered":"Wanted: Disgruntled Employees to Deploy Ransomware"},"content":{"rendered":"<p><span style=\"font-weight: 400\">Cybercriminals are asking employees to install ransomware on their company\u2019s network in exchange for a portion of the profits.\u00a0 The article details security researcher, Crane Hassold\u2019s, experience engaging with a scammer offering 40% of the multi-million dollar ransom. The actor disclosed to Hassold that he originally tried phishing senior executives unsuccessfully, which is why he\u2019s reaching out to insiders and asking to partner.\u00a0 Hassold was asked to install the Demonware ransomware strain which is freely available on Github.<\/span><\/p>\n<p><span style=\"font-weight: 400\">Ransomware typically requires more sophistication to deploy.\u00a0 The actor used techniques commonly associated with business email compromise to engage the user and manipulate them to act on their behalf.\u00a0 It\u2019s similar to other scams involving wire transfers, but the payload is ransomware.<\/span><\/p>\n<p><span style=\"font-weight: 400\">Approaching employees directly is not new; however, there are growing concerns about disgruntled employees creating identities on the darknet and offering to launch insider attacks for a fee.\u00a0 The article cites the Lockbit 2.0 ransomware-as-a-service gang that included a solicitation for insiders in the desktop wallpaper left behind on systems encrypted with the malware.<\/span><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"font-weight: 400\">Article: Wanted: Disgruntled Employees to Deploy Ransomware<\/span><\/p>\n<p><span style=\"font-weight: 400\">Author: Brian Krebs<\/span><\/p>\n<p><span style=\"font-weight: 400\">Published: August 19, 2021\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400\">Link: <\/span><a href=\"https:\/\/krebsonsecurity.com\/2021\/08\/wanted-disgruntled-employees-to-deploy-ransomware\/\"><span style=\"font-weight: 400\">https:\/\/krebsonsecurity.com\/2021\/08\/wanted-disgruntled-employees-to-deploy-ransomware\/<\/span><\/a><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybercriminals are asking employees to install ransomware on their company\u2019s network in exchange for a portion of the profits.\u00a0 The article details security researcher, Crane Hassold\u2019s, experience engaging with a scammer offering 40% of the multi-million dollar ransom. The actor disclosed to Hassold that he originally tried phishing senior executives unsuccessfully, which is why he\u2019s [&hellip;]<\/p>\n","protected":false},"author":26653,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[452],"tags":[449],"class_list":{"0":"post-66","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-week-6","7":"tag-week-6","8":"entry"},"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec002fall2021\/wp-json\/wp\/v2\/posts\/66","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec002fall2021\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec002fall2021\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec002fall2021\/wp-json\/wp\/v2\/users\/26653"}],"replies":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec002fall2021\/wp-json\/wp\/v2\/comments?post=66"}],"version-history":[{"count":1,"href":"https:\/\/community.mis.temple.edu\/mis5211sec002fall2021\/wp-json\/wp\/v2\/posts\/66\/revisions"}],"predecessor-version":[{"id":67,"href":"https:\/\/community.mis.temple.edu\/mis5211sec002fall2021\/wp-json\/wp\/v2\/posts\/66\/revisions\/67"}],"wp:attachment":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec002fall2021\/wp-json\/wp\/v2\/media?parent=66"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec002fall2021\/wp-json\/wp\/v2\/categories?post=66"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec002fall2021\/wp-json\/wp\/v2\/tags?post=66"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}