https://foreignpolicy.com/2019/05/01/going-toe-to-toe-with-ukraines-separatist-hackers-cyber-russia/
By Elias Groll
Foreign Policy
May 1, 2019
The hacker realized that he was being watched.
The spy software he was attempting to run against the Ukrainian government had
infected the wrong machine, and now an analyst working for an American security
company was picking apart the program - known as RatVermin - trying to
understand how it worked.
The hacker, likely working on behalf of the Luhansk People’s Republic, a
breakaway region of Eastern Ukraine, first tried to run a ransomware program
dubbed Hidden Tear to scramble the contents of the computer it had mistakenly
infected. The program would have made the computer useless to the analyst and
flashed a sardonic message: “Files have been encrypted with hidden tear. Send
me some bitcoins or kebab. And I also hate night clubs, desserts, being drunk.”
But the analyst blocked the program from executing, and then, for a few hours
on March 20, 2018, the two engaged in the digital equivalent of hand-to-hand
combat.
The hacker tried to delete the software being used by the analyst to understand
RatVermin, a custom-made all-purpose spy tool. The analyst simply reset the
machine and booted RatVermin back up, this time with a question displayed on
the screen: Why had the hacker tried to run ransomware on the computer?
The hacker replied with a one-word question: "Mad ?"
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
