When the tables turn and hackers cry for help
Security researcher and Chief Technology Officer at Emsisoft, Fabian Wosar, makes headlines again. Our Lab team did not know if they should laugh or cry when they received a request for help with a bug in Apocalypse ransomware developers code. Bleeping Computer reports that Fabian was contacted through their forums where he regularly helps victims of ransomware to decrypt their data.
“During their exchange, the ransomware coder has asked Wosar to help their crew fix a bug in the ransomware’s encryption process that causes files to be overwritten with junk data.”
In the exchange, the developer attempted to use flattery and to appeal to his sympathetic nature.
Fabian posted about the request on Twitter. Professionals from Infosec and various security researchers have weighed in. Most suggested that he should not help those who benefit from the suffering of ransomware attack victims. Others felt that by helping to correct the code, the victims who paid the money to have their files recovered would in fact receive their data and not files filled with garbage. Fabian is yet to decide.
Apocalypse, who sent the request, are the same developers who recently renamed a strain of their ransomware to ‘Fabiansomware’ to try to have him labelled as its creator. Fabian has cracked several versions of their ransomware in the past and distributed the decrypter keys for free.
Fabian has become something of a hacker helpline in recent days with another ransomware family, fs0ciety, contacting him to sell him decrypter keys for ransomware he had hacked weeks beforehand.
For as long as he continues this kind of work he will remain a target with the hope that users won’t have to be.
Have a nice (ransomware-free) day!
Emsisoft products proven 100% effective in AVLab study