hngopher.com

       [HN Gopher] Ransomware group debuts searchable victim data
       ___________________________________________________________________
        
       Ransomware group debuts searchable victim data
        
       Author : picture
       Score  : 24 points
       Date   : 2022-06-14 19:59 UTC (3 hours ago)
        
 (HTM) web link (krebsonsecurity.com)
 (TXT) w3m dump (krebsonsecurity.com)
        
       | mig39 wrote:
       | How are they able to host a website on the public internet like
       | that, without it being taken down? Is it in Russia or something?
        
       | dontbenebby wrote:
       | Well they're hosting it directly, but there's a ton of paid
       | services that let you do this.
       | 
       | On my end I'd love to be able to know how those middlemen make
       | use of the data of who's asking for what... I always avoided
       | tools like Shodan or data brokers while sticking to Tor and
       | public wifi when possible because what you're looking up can tell
       | a lot.
        
       | gigaflop wrote:
       | So, like HaveIBeenPwned, but direct from the source?
        
         | nonrandomstring wrote:
         | I think not. More like Shodan for data. HaveIBeenPwned
         | ostensibly helps victims. This show is just upping the ante and
         | moving to open web visibility. What use is blackmailing anyone
         | if you haven't got an entertainments platform to deliver on?
         | They must be extraordinarily confident they are untouchable. If
         | it helps anyone it's as an ironic side effect. Think of this as
         | the NSA but with doors wide open and everything for sale for
         | the lols.
        
         | CrazyMusicians wrote:
         | Bingo! Their tagline should be, if you're here, you already
         | know you're screwed.
        
           | gigaflop wrote:
           | I can't help but wonder if they're using the inputs for
           | potential phishing attacks.
           | 
           | For certain high-value targets, perhaps they're lying, with
           | the intent of getting them to initiate some sort of
           | compromised password reset?
        
             | Agamus wrote:
             | Bingo! Their tagline should be, come here to get screwed!
        
               | c0balt wrote:
               | ... A line that is unfortunately already taken by another
               | industry. Though adjusting it to "get pwned" should be
               | alright.
        
       ___________________________________________________________________
       (page generated 2022-06-14 23:01 UTC)