via krebsonsecurity.com
Criminal hackers will try almost anything to get inside a profitable
enterprise and secure a million-dollar payday from a ransomware
infection. Apparently now that includes emailing employees directly and
asking them to unleash the malware inside their employer’s network in
exchange for a percentage of any ransom amount paid by the victim
company.
Crane Hassold, director of threat intelligence at Abnormal Security, described what happened after he adopted a fake persona and responded to the proposal in the screenshot above. It offered to pay him 40 percent of a million-dollar ransom demand if he agreed to launch their malware inside his employer’s network.
This particular scammer was fairly chatty, and over the course of
five days it emerged that Hassold’s correspondent was forced to change
up his initial approach in planning to deploy the DemonWare ransomware strain, which is freely available on GitHub. more