A group of hackers is fighting online scammers by targeting "scam" companies with ransomware and denial-of-service attacks. A new ransomware called MilkmanVictory was recently discovered online and the hackers behind it, called CyberWare, revealed in a Twitter post that they had created it specifically to send to scammers. BleepingComputer also spoke to the group, which said it had begun targeting companies that do what they call "loan scams." In these scams, victims are told they will receive a loan after making a payment to a business, but in reality, there is no loan and no way to get their money back.
- Lock My PC fights tech support scammers with free recovery keys
- Hackers turn supercomputers into cryptocurrency mining rigs
- We also highlight the best protection against ransomware
Target scammers
As part of its new campaign against scammers, CyberWare is sending out phishing emails that contain links to executable files disguised as PDF files. The group is also carrying out denial of service attacks to take down the websites of scam companies. MilkmanVictory ransomware is distributed as a destructive attack because it does not provide victims with a way to contact the attackers and does not save the encryption key. Instead, victims receive a ransom note on their computer stating: "Hello! This computer was destroyed with the MilkmanVictory Ransomware because we know you are a scammer! - CyberWare Hackers :-)". The new ransomware is apparently based on HiddenTear and for this reason, if a key is not saved, it can still be cracked using brute force attacks. CyberWare claims to have targeted German loan company Lajunen with a DDoS attack and emails spreading its ransomware. As of this writing, the company's website is still down, which supports the group's claims.- Also take a look at our overview of the best terminal protection software