"Unskilled group" is responsible for multiple, crappy ransomware attacks


Software can be thought of as a system for encapsulating the expertise of skilled practitioners; translate the hard-won expertise of a machinist or a dental technician or a bookkeeper into code, and people with little expertise in those fields can recreate many of the feats of the greatest virtuosos, just by hitting Enter.

The encapsulation is imperfect, of course: you'll get better results from a skilled typographer and layout software than from an amateur with the same app. But for many real-world applications, imperfect is good enough.


Hacking is no exception.


The systems and tools targeted by malicious hackers are notoriously badly secured — even highly sensitive systems are effectively wide open, to say nothing of the millions of internet of shit gadgets that have no security, making them vulnerable to "clumsy, amateurish" attacks.

So it's unsurprising that the people behind a series of laughably terrible ransomware attacks are "unskilled," unsuccessfully recycling freely downloadable ransomware attacks and following recipes to deploy them against victims around the world, changing identities when they get discovered (but forgetting to switch Hotmail addresses when they do).


But the thing is, information security is such a dumpster fire that it doesn't matter how shitty the attackers are: the systems they're attacking will be shittier. These guys are total idiots, but that doesn't mean they're not racking up wins, and they're getting better. I betcha they'll manage to get the formula right by the summer and start raking it in.


Last week, security researcher MalwareHunter came across a new ransomware family which appeared to be closely related to the modus operandi and internal structure of the CryPy ransomware.

Calling itself SADStory, this ransomware family featured a familiar email address — tuyuljahat@hotmail.com — which crooks made the mistake of reusing for the third time.


Three days later, after realizing they'd exposed most of their past deeds, the group behind SADStory decided to stop hiding and confessed to all their crimes.

Unskilled Group Behind Many Junk Ransomware Strains

[Catalin Cimpanu/Bleeping Computer]