PandaBuy pays ransom to hacker only to get extorted again - eviltoast

LOL

  • Olap@lemmy.world
    link
    fedilink
    English
    arrow-up
    102
    arrow-down
    1
    ·
    5 months ago

    Never pay ransomware. Just write the data off. Learn how to take decent backups

    • saltesc@lemmy.world
      link
      fedilink
      English
      arrow-up
      52
      ·
      5 months ago

      It’s bad business to not be honest and trustworthy. If a hacker group is known to always give back the data and not strike twice, they are obviously much more likely to get paid. No one’s paying someone known for ripping off. We see this in company ransomwware all the time. They are friendly, helpful in explaining the breech, and professional. If they were the opposite, they’d be broke.

      • Alphane Moon@lemmy.ml
        link
        fedilink
        English
        arrow-up
        34
        ·
        5 months ago

        It’s an interesting dynamic where the ransomware groups have to be reliable and professional for their business model to work.

        • Neshura@bookwormstory.social
          link
          fedilink
          English
          arrow-up
          10
          ·
          5 months ago

          It was the same with Pirates, if you get a bad Rep with your extortion business you’re just making your own life harder down the line

    • tal@lemmy.today
      link
      fedilink
      English
      arrow-up
      44
      ·
      edit-2
      5 months ago

      The article says that they weren’t paying to recover their only copy of data, but to prevent it from being leaked:

      to prevent stolen data from being leaked

      Backups (or more backups) wouldn’t have helped.

    • umami_wasabi@lemmy.mlOP
      link
      fedilink
      English
      arrow-up
      16
      ·
      edit-2
      5 months ago

      Not ransomware but just ransom to data exfil by a vulnerable API. But paying is still a dumb idea.

        • vvv@programming.dev
          link
          fedilink
          English
          arrow-up
          6
          ·
          edit-2
          5 months ago

          "Hi, I just sent the ransom payment to the Bitcoin address you provided.
          "Now you’ll unlock my data, right?
          “… right?”

          • downpunxx@fedia.io
            link
            fedilink
            arrow-up
            3
            arrow-down
            7
            ·
            5 months ago

            has worked 100% percent of the time (probably a dozen times) I’ve shepherded future clients who have called me for assistance, because all their customer information, vendor data, and billing was locked, and they didn’t have backups. if you’re fucked, you chalk it up to a business expense whether or not you get your data back. you pay the ranson, and you pray. then when you get access to your data again, you lock it down. always. everytime.

            • Albbi@lemmy.ca
              link
              fedilink
              English
              arrow-up
              3
              arrow-down
              2
              ·
              5 months ago

              Sure. Make it profitable to the hackers to keep doing it.

              • laurelraven@lemmy.blahaj.zone
                link
                fedilink
                English
                arrow-up
                1
                ·
                5 months ago

                If the alternative is “likely go out of business”, then yeah…

                They already made it profitable for the hackers by not backing their data up properly, this is just that bill coming due.

    • Jas91a@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      edit-2
      5 months ago

      I mean news like this is the best way to stop people paying, I hope every business that doesn’t pay sends the hackers this article and says this is why

      • PhobosAnomaly@feddit.uk
        link
        fedilink
        English
        arrow-up
        3
        ·
        5 months ago

        How is someone getting control of their data by paying a ransom?

        The opposing actor still has your data, so it doesn’t really matter how much you pay, you’ll never be able to mitigate that security issue, surely?

  • Uriel238 [all pronouns]@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    3
    ·
    5 months ago

    Isn’t the next step to take the same amount of money and offer it to any bounty hunter that brings back the heads of the hackers (with sufficient evidence to link the heads to the attack)?

    Maybe I watch the wrong movies.

  • Wispy2891@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    5 months ago

    Wasn’t panda buy also recently targeted by a joint investigation from Nike and the Chinese government which led to the seizure of many warehouses for counterfeited items?

  • KevonLooney@lemm.ee
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    19
    ·
    5 months ago

    exposing customer names, phone numbers, email addresses, login IP addresses, home addresses, and order details.

    So, nothing important? You know what else has names, phone numbers, home addresses, etc? Publicly available databases. It’s called a phone book. IP addresses? Please. It’s not static anyway and it might just lead to a VPN.

    • Madlaine@feddit.de
      link
      fedilink
      English
      arrow-up
      15
      ·
      edit-2
      5 months ago

      To prove your point, please dox yourself.

      I’d be interested in your full name, address, your phone numbers, your email adresses, birth date and credit information (which is probably in the order details)

    • Veddit@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      5 months ago

      It’s what they can do with all of it together. Particularly about calling you and pretending to be a real company, phishing you, because if they called your phone and confirmed your email, name, and home address and order details with you, then it’s likely many people would believe them.