Hackers Of Discontinued Iomega/Lenovo NAS Devices Demand Bitcoin Ransom
During early research, web application security specialists found at least 5,100 vulnerable devices and more than 3 million files exposed online. It is estimated that the exposed information could reach 40 terabytes; many of these exposed devices have already been indexed by commonly used search engines, such as Google. According to reports, some of the exposed folders contain sensitive information, such as payment card details and other financial data.
The vulnerability could have been exploited by a remote, unauthenticated attacker to access the files stored on the NAS devices by sending a specially crafted request via an API that was not protected with any authentication mechanism. The experts pointed out that the devices did not leak data through their web interface.
Ransom in Bitcoins has been on the rise lately. Companies and governments around the world are being targeted by ransomware attackers. The hackers encrypt data and disable IT systems before demanding payment in exchange for the decryption key.
Irreversible transactions are useful for cybercriminals as they can avoid chargebacks after they have delivered the decryption key. Or they can simply keep demanding more funds without ever delivering. For the attackers, it’s this quality that makes Bitcoin an attractive ransomware payment method. Bitcoin payments cannot be reversed or stopped, unlike wire transfers, prepaid cards, or SMS payments, which in some cases promise higher levels of anonymity.