UK ransomware recovery company “helps” victims by paying hackers, charging huge fees


Allegedly, Red Mosquito has a lucrative sideline in place for victims of ransomware.

In the cybercriminal world of ransomware, a Scottish IT provider is alleged to be skimming off the top: paying hackers and then charging victims a significant fee.

Ransomware is a particularly virulent type of malware that can cause chaos and heartbreak for consumers and businesses alike.

If ransomware successfully infiltrates a system, it can lock devices, encrypt content and, in some instances, spread to other PCs on a network. The worldwide WannaCry outbreak showed how harmful an infection can be: that family of malware has disrupted organisations such as Telefónica, the United Kingdom's National Health Service, Deutsche Bahn and TSMC.

Ransomware often tries to blackmail victims into paying a ransom, in Bitcoin or other forms of cryptocurrency, in return for a decryption key to recover their files and unlock their systems.

While there is no assurance that the key will ever arrive or work, many victims pay. A recent example is Riviera City in Florida, which paid hackers $600,000 after a ransomware outbreak shut down most town facilities for weeks.

Given the massive destruction that ransomware can cause, it is not surprising that payments are made. But while bowing to these demands ensures that the malware remains profitable, some companies are alleged to be cashing in by further exploiting victims.

A recent investigation by ProPublica claims that Red Mosquito, a company with the slogan “Your IT department,” profits from ransomware in what might be considered a morally questionable business.

Emsisoft security investigator Fabian Wosar worked with the publication on a sting, posing as both a hacker and a victim, to see how Red Mosquito handles ransomware infections and the needs of victims.

Wosar developed a fake ransomware variant, dubbed Gotcha, and drew up a ransom note. Posing as a victim, the security investigator then contacted Red Mosquito about the ransomware “infection” on a home server he desperately needed to recover.

Throwaway email addresses were used for both the victim and the hacker personas.

Wosar said that Red Mosquito Data Recovery (RMDR), an offshoot of the company, had failed to remove the ransomware infection used in the sting; instead, it allegedly went “literally directly to the ransomware author within minutes” to pay the demand.

After telling the victim that it was “running tests,” Red Mosquito contacted the “hacker” through the second throwaway email account and negotiated the ransom down from $1200 in Bitcoin to $900. Wosar, in his role as the victim, was then sent a proposed fee of $3,950 to get his files and access back within three working days.

On its website, RMDR said the company was offering a “professional alternative” to paying offenders. The statement appears to have been removed after ProPublica contacted the company.

The IT company’s FAQ page states, “We don’t suggest dealing with the ‘hacker’ directly. In many instances, paying the ransom may be the only way to get your information retrieved and it’s best to get an experienced advisor to help with this process.” This could be regarded as playing on the emotions and morals of a victim, as the security investigator pointed out that victims are often perpetrators.

At the time of publication, Red Mosquito did not respond to requests for comment.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.