Ransomware gang taunts IObit with repeated forum hacks

0

A ransomware gang continues to taunt Windows software developer IObit by hacking its forums to display a ransom demand.

On January 16th, the IObit forums were hacked as a neighborhood of an attack to distribute the DeroHE ransomware. During this attack, the threat actors emailed all of the IObit forum users with a free software promotion linking to a ransomware installer hosted on IObit’s forums.

When recipients downloaded the fake IObit software installer, they were infected with the DeroHE ransomware. To gain access to a decryptor, the threat actors demand $100 within the DERO cryptocurrency, or IObit could pay them $100,000 in DERO to decrypt all victims.

DeroHE is the first ransomware to need payment in DERO, which is probably going to market the cryptocurrency and increase its value.

DERO describes itself as a privacy coin that permits for secure and anonymous transactions and smart contract execution.

“Dero is the primary crypto project to combine a logo of labor blockchain with a DAG block structure and wholly anonymous transactions,” states the DERO website.

Ransomware gang taunts IObit in continued forum hacks

At the time of our original DeroHE reporting, the forum was still hacked with adware scripts that redirected users to adult sites when clicking on links.

Over the weekend, the ransomware actors again hacked the IObit forums to display a message demanding that IObit pay them $100,000 in DERO or the attacks would continue.

“Hello, your IObit has been hacked! A week has passed and your “antivirus” company remains doing nothing to secure their server! IObit sent us 100000 DERO or more hacks and leaks to return ,” read the IObit forum over the weekend.

Today, IObit appears to possess and pack up their forums while likely attempting to wash it from any web shells and patch vulnerabilities. Attempts to connect to the forum time out.

IObit users have privately expressed concerns regarding their frustration that IObit has not released an official statement about the ransomware attack and their forums’ repeated hacks.

 

LEAVE A REPLY

Please enter your comment!
Please enter your name here