Recovery Company Pays Ransom and Then Up Charges You
Proven Data Recovery Scam Transcript
This is from an article that initially appeared in ProPublica, and I found it on Ars Technica myself. It is a fascinating article, written by a couple of people here, Renee Dudley and Jeff Kao.
It’s talking about some of these companies here in the US that you can hire to help you out of a ransomware tight spot. Think about some of these we have read about lately: the city of Atlanta, Georgia; Newark, New Jersey; the Port of San Diego; Hollywood Presbyterian Medical Center in LA. In Atlanta, online water service requests and billing systems were down for over a month. Colorado Department of Transportation, they called in the National Guard, all because of cyber attacks. Apparently what has happened here is that the companies, and in these cases government institutions and hospitals, went to professionals and said, hey, what should we do now? The response from the FBI, from the government in general, is don’t pay ransoms.
Well, guess what happened here? The FBI said that the criminal actors were out of the reach of US law enforcement. But they were apparently not out of the reach of this American company called Proven Data Recovery out of Elmsford, New York. It appears that these guys regularly made ransom payments to SamSam ransomware hackers over more than a year, according to Jonathan Storfer, who is a former employee who dealt with these ransom payments.
Now, Bitcoin transactions are somewhat anonymous and difficult to track. But I know in talking with some Secret Service agents that they have tracked people through public records and got convictions because of being able to track down some of these Bitcoin payments. ProPublica was able to trace four of these payments, and this article goes on and on.
Another US company, the Florida-based MonsterCloud, also professes to use their data recovery method, but it turns out they were paying ransoms sometimes without informing law enforcement or the victims. This is bad.
Again, from ProPublica, both of these companies charge their victims substantial fees on top of the ransom amount, and they offer other services such as sealing breaches to protect against future attacks.
Well, that’s what I do for a living, right? I don’t try and do the recovery, nor do I pay any ransom. There are many pieces of free recovery software out there that work in most cases. But sometimes, if you don’t have a good backup, you’re just out of luck. So, keep that in mind. Going to one of these companies if you have ransomware on your computer is not going to solve the problem of ransomware, because some of these companies, at least two of them in this case, according to ProPublica, are making deals with the ransomware criminals, which is, in my opinion, not right.