dasvidaniya
Alleged GandCrab Distributor Arrested in Belarus:
A 31-year-old man who allegedly distributed versions of the GandCrab ransomware has been arrested in Belarus for possession and distribution of malware, according to the country's Ministry of Internal Affairs.
On July 30, government officials in Belarus announced that the unnamed suspect, who lives in the city of Gomel, was arrested by police in cooperation with the authorities from the U.K. and Romania. GandCrab ransomware was pulled from distribution by its creators in 2019 (see: Did GandCrab Gang Fake Its Ransomware Retirement?).
Officials in Belarus note that the suspect also appears to have been distributing cryptominers and programming malicious code for illegal forums. The suspect apparently obtained a strain of the GandCrab ransomware by joining a darknet forum and then learned how to operate as a GandCrab affiliate, according to the Ministry of Internal Affairs. The creator of the GandCrab malware offered it to others using a ransomware-as-a-service model.
Once the suspect obtained the malware, he sent malicious PDF files through spam emails to victims to infect their system, authorities allege. The suspect charged a fee of about $1,200 in cryptocurrency to decrypt each of the infected systems, the ministry says. The suspect leased servers to conduct his operation and used the ransomware profits to pay for the facilities, it alleges.
The hacker allegedly targeted victims in more than 100 countries, including the U.S., U.K., India, Germany, France, Italy and Russia, says Vladimir Zaitsev, the deputy head of the high-tech crimes department of the Ministry of Internal Affairs.
(Score: 1, Redundant) by Arik on Thursday August 06 2020, @10:18AM (4 children)
So if I possess malware, which I need to do in order to study it and defeat it, and if I share that malware with others, who need it for the same reason, this is now a crime in Belarus?
"Once the suspect obtained the malware, he sent malicious PDF files through spam emails to victims to infect their system, authorities allege"
Oh, so he was involved in fraud.
Charge him with fraud then.
What's this "possession of malware" bullshit?
Everyone with a copy of Windows 10 is guilty of /that/.
Maybe that's the point?
If laughter is the best medicine, who are the best doctors?
(Score: 0) by Anonymous Coward on Thursday August 06 2020, @10:56AM (3 children)
I can't speak for Belarusian law but similar laws in other jurisdictions typically make exceptions for security researchers. However, selling malware for use by criminals should be illegal. Do you know if Belarusian law has such an exception?
Although Windows 10 telemetry raises serious concerns, it's absurd to liken the malware in this story to Windows 10. For all the legitimate criticism of Windows 10, it is not designed to encrypt your files and demand you pay $1,200 in cryptocurrency to get a decryption key.
As for why the suspect wasn't charged with fraud, it's possible those charges will be added later. It's also possible that because he targeted victims in other countries, he may not be charged in Belarus but may well have violated the laws of other countries. There was coordination between Belarus and other countries so it's possible, depending on international treaties, that the suspect could eventually be extradited to face additional charges in other countries.
(Score: 2, Informative) by RandomFactor on Thursday August 06 2020, @04:27PM (1 child)
/me quietly renews their O365 subscription and considers that there is more than one way to skin a 'customer'
In "Pravda" there is no news, in "Izvestia" there is no truth
(Score: 0) by Anonymous Coward on Thursday August 06 2020, @06:08PM
Although LibreOffice isn't perfect, it does a pretty good job of interoperability with Office documents. There's a difference between proprietary file formats, however undesirable and frustrating, versus encrypting data. Anyone using Office 365 has voluntarily consented to the subscription model and has alternatives available such as LibreOffice. Ransomware is not consensual at all, which is a key difference.
(Score: 1, Informative) by Anonymous Coward on Thursday August 06 2020, @06:52PM
"For all the legitimate criticism of Windows 10, it is not designed to encrypt your files and demand you pay $1,200 in cryptocurrency to get a decryption key."
no, you ridiculous slave, you voluntarily pay MS to scan your whole HDD to use your data against you. The whole thing is a malware delivery platform. wake the fuck up.