I assume this works where the ransomware authors, who likely are in some untouchable nation and the son of some major politician, provide a binary/kit with their own addresses to take the ransom then pay the person who planted it out minus their cut. Those wallets used for paying crime commissions are probably reused often or otherwise identified as they don't care if you get caught and you need to either sit on those coins for years until the limitations runs out or have enough knowledge to (correctly) wash them and anyone doing this is already making bad life decisions so likely greedy and cashed those in a traceable way like driving to work in his new Ferrari.
I don't usually open court documents, so I have no idea what to expect. But I notice that there's no description of evidence. Is this because they weren't sentenced yet? Or what? Will we be able to see how they were caught?
An indictment is a formal accusation of wrongdoing and only needs to allege facts sufficient to inform the defendant of the charges. Evidence is disclosed to the defense during discovery and presented to the court at trial.
They went and hired ransomware-as-a-service hackers and sold out their respective charges in exchange for 80% of the ransom.
They had degrees and certifications and job experience with big name firms, and they were dumb as bricks. I think it's a gold plated example of modern credentialism. We're churning out hordes of "certified" idiots getting green-lit by pedigreed managers and MBAs following "successful patterns" and nobody has a damn clue how things work or why. And we let them vote.
Related: Cybersecurity Employees Plead Guilty to Ransomware Attacks Using ALPHV BlackCat (justice.gov): https://news.ycombinator.com/item?id=46438478
I assume this works where the ransomware authors, who likely are in some untouchable nation and the son of some major politician, provide a binary/kit with their own addresses to take the ransom then pay the person who planted it out minus their cut. Those wallets used for paying crime commissions are probably reused often or otherwise identified as they don't care if you get caught and you need to either sit on those coins for years until the limitations runs out or have enough knowledge to (correctly) wash them and anyone doing this is already making bad life decisions so likely greedy and cashed those in a traceable way like driving to work in his new Ferrari.
I don't usually open court documents, so I have no idea what to expect. But I notice that there's no description of evidence. Is this because they weren't sentenced yet? Or what? Will we be able to see how they were caught?
An indictment is a formal accusation of wrongdoing and only needs to allege facts sufficient to inform the defendant of the charges. Evidence is disclosed to the defense during discovery and presented to the court at trial.
They pled guilty, so we'll probably never know how the case was to be structured.
Who needs hackers if you have IT experts like this
They went and hired ransomware-as-a-service hackers and sold out their respective charges in exchange for 80% of the ransom.
They had degrees and certifications and job experience with big name firms, and they were dumb as bricks. I think it's a gold plated example of modern credentialism. We're churning out hordes of "certified" idiots getting green-lit by pedigreed managers and MBAs following "successful patterns" and nobody has a damn clue how things work or why. And we let them vote.
The demand is higher than the supply and the capital class cannot have that hence: "Learn to code", "Certifications", all these H4XØR cons popping up.
There is an ongoing trend that sees insider threats becoming more prevalent in critical systems, than external “adversarial” attacks.
Positively ridiculous.
Was it ever different then?
Just pay for a pardon and you’re good. Freedom.