City’s Ransomware Denials Exposed, Still Faces 100 BTC Demand

Published at: April 23, 2020

A ransomware gang has published personal and financial data from the Californian City of Torrance online — and threatened to reveal 200GB more unless their demands are met.

Calling themselves DoppelPaymer, the ransomware gang has demanded 100 Bitcoin (BTC) — worth around $700,000 — in exchange for not releasing any more files stolen in the March 1 cyberattack. 

The cyberattack erased the City's local backups and encrypted approximately 150 servers and 500 workstations. The release of the data is embarrassing for City officials who claimed that no private data from its 145,000 residents had been compromised in the attack. 

To prove it had, the group set up a site called “Dopple Leaks” with a sample of the hacked files, including city budget financials, accounting, and other documents belonging to the City Manager of Torrance.

The StateScoop website reports it has examined the files and uncovered individuals’ names, dates of birth, Social Security numbers, and other personal identifying information, as well as 181 pages of financial transactions that occurred in the 2019 fiscal year.

Ransomware attacks are down?

Despite Torrance’s fate, a recent report by malware lab Emsisoft showed that there was a significant drop in the number of successful ransomware attacks on the U.S. public sector for Q1 2020, partially due to more employees being forced to work remotely.

Emsisoft threat analyst Brett Callow told Cointelegraph:

“...it’s very obvious to ransomware attackers that they’ve got a potentially valuable target when they hit a corporate endpoint. It may however be less obvious when they hit a personal device that an employee is using while working remotely, and which is only connected to corporate resources on an intermittent basis. “

The Emsisoft report, however, also mentioned that ransomware attacks can be seasonal. The recent overall drop should not be a sign of complacency. An FBI report stated that victims paid roughly $144 million in BTC to ransomware hackers between October 2013 and November 2019. As many attacks go unreported, this is likely an underestimate.

Tags
Related Posts
Ransomware Attacks Are Way Down in the Midst of COVID-19
An April 21 report by malware lab Emsisoft showed that there was a significant drop in the number of successful ransomware attacks on the US public sector during Q1 2020. The findings show a total of 89 organizations were victims of ransomware in the first quarter of the year. And as the COVID-19 crisis deepened, successful attacks fell even lower, to levels "not seen in several years." Government entities were attacked less frequently, with those numbers going down from 19 in January to just seven in March. The same was mostly true for education: ten successful attacks in January, 14 …
Technology / April 21, 2020
Crypto in the crosshairs: US regulators eye the cryptocurrency sector
In her monthly Expert Take column, Selva Ozelli, an international tax attorney and CPA, covers the intersection between emerging technologies and sustainability, and provides the latest developments around taxes, AML/CFT regulations and legal issues affecting crypto and blockchain. Lately, news headlines are focused on regulators’ concerns over the lack of investor protections in the cryptocurrency market, which has ballooned to more than $2 trillion, and the possible risks to financial stability. National security agencies across the administration of United States President Joe Biden are grappling with high-profile cases of cryptocurrencies playing a role in ransomware attacks, intellectual property espionage, sanctions …
Regulation / Oct. 24, 2021
The IRS offers a $625,000 bounty to anyone who can break Monero and Lightning
The United States Internal Revenue Service has offered a bounty of up to $625,000 to anyone who can break purportedly untraceable privacy coins such as Monero (XMR) as well as trace transactions on Bitcoin’s (BTC) Lightning Network. The official proposal, published last week, says the IRS will accept submissions in the form of working prototypes until Sept. 16. If accepted, applicants will receive an initial payment of $500,000. This grant will allow applicants to develop their prototype into a working concept over the next eight months. Once the pilot test is completed and approved by the government, a further $125,000 …
Technology / Sept. 11, 2020
California University Pays Million-Dollar Crypto Ransom
The University of California at San Francisco School of Medicine reportedly paid a $1.14 million ransom in cryptocurrencies to the hackers behind a ransomware attack on June 1. According to CBS San Francisco, the UCSF IT staff first detected the security incident, stating that the attack launched by NetWalker group affected “a limited number of servers in the School of Medicine.” Although the areas were isolated by experts from the internal network, the hackers left the servers inaccessible and managed to deploy the ransomware successfully. A statement published by the University of California said: “The data that was encrypted is …
Technology / June 30, 2020
Celebrities May Have Their Dirty Secrets Exposed if Crypto Ransom Is Unpaid
The REvil ransomware gang says that they will auction over 1TB of data stolen from New York-based entertainment law firm, Grubman Shire Meiselas & Sacks. This data allegedly contains the “dirty” secrets of a number of celebrities. REvil claims that the contents involve sex scandals, drugs, and treachery. Nicki Minaj, LeBron James, and Mariah Carey among the alleged victims In a blog post, the ransomware group says they will begin the auction on July 1, noting that the first round will contain information from Nicki Minaj, Mariah Carey, and LeBron James. The price for each dataset is $600,000. Two days …
Technology / June 24, 2020