Avenger hackers attack scammers
“Avengers” hackers decided to take justice into their own hands and independently punish “fraudulent” companies using ransomware and DDoS attacks.
Last week, a new ransomware program, MilkmanVictory, was discovered, according to its authors, created specifically for attacks on fraudsters. In an interview with BleepingComputer, representatives of the cybercrime group CyberWare said they had begun to attack companies that were “credit scammers.” According to them, these companies promise a loan, but first they ask for payment. However, after making payment, no loan is issued.
During the attack, cybercriminals send a phishing email to the victim with a link to a malicious executable file disguised as a PDF document. In addition, they carry out DDoS attacks on the company's website.
Ransomware is a viper that allows you to contact operators, but does not save the encryption key. Instead of a ransom note, MilkmanVictory leaves a message that reads: “Hello! This computer was destroyed using the MilkmanVictory ransomware, because we know that you are scammers! CyberWare Hackers. "
“I do not ask for money, because fraudsters do not deserve to receive money by deceiving innocent people,” one of the hackers said.
According to cybercriminals, they attacked the German credit company Lajunen Loan, which did not please them, with the help of DDoS and ransomware.
The MilkmanVictory extortion software is based on HiddenTear. In other words, even if the ransomware does not save the encryption keys, the files can still be decrypted using brute force. HiddenTear victims can decrypt their files using a Michael Gillespie decryptor.