nioj
11 hours ago
Related: Cybersecurity Employees Plead Guilty to Ransomware Attacks Using ALPHV BlackCat (justice.gov): https://news.ycombinator.com/item?id=46438478
U.S. cybersecurity experts plead guilty for ransomware attacks
71 pointsposted 12 hours ago
by robotnikman11 Comments
hackermailman
11 hours ago
I assume this works where the ransomware authors, who likely are in some untouchable nation and the son of some major politician, provide a binary/kit with their own addresses to take the ransom then pay the person who planted it out minus their cut. Those wallets used for paying crime commissions are probably reused often or otherwise identified as they don't care if you get caught and you need to either sit on those coins for years until the limitations runs out or have enough knowledge to (correctly) wash them and anyone doing this is already making bad life decisions so likely greedy and cashed those in a traceable way like driving to work in his new Ferrari.
ekjhgkejhgk
11 hours ago
I don't usually open court documents, so I have no idea what to expect. But I notice that there's no description of evidence. Is this because they weren't sentenced yet? Or what? Will we be able to see how they were caught?
Jimmc414
11 hours ago
An indictment is a formal accusation of wrongdoing and only needs to allege facts sufficient to inform the defendant of the charges. Evidence is disclosed to the defense during discovery and presented to the court at trial.
jfengel
10 hours ago
They pled guilty, so we'll probably never know how the case was to be structured.
spcharc
11 hours ago
Who needs hackers if you have IT experts like this
observationist
10 hours ago
They went and hired ransomware-as-a-service hackers and sold out their respective charges in exchange for 80% of the ransom.
They had degrees and certifications and job experience with big name firms, and they were dumb as bricks. I think it's a gold plated example of modern credentialism. We're churning out hordes of "certified" idiots getting green-lit by pedigreed managers and MBAs following "successful patterns" and nobody has a damn clue how things work or why. And we let them vote.
nebula8804
3 hours ago
The demand is higher than the supply and the capital class cannot have that hence: "Learn to code", "Certifications", all these H4XØR cons popping up.
fathermarz
8 hours ago
There is an ongoing trend that sees insider threats becoming more prevalent in critical systems, than external “adversarial” attacks.
Positively ridiculous.
jacquesm
an hour ago
Was it ever different then?
bamboozled
11 hours ago
Just pay for a pardon and you’re good. Freedom.