Many hackers have started cleaning files on publicly accessible storage devices and are just leaving Bitcoin ransom note in stead of the data.
Users have taken to the forums on BleepingComputer to say that files on their Lenovo Iomega NAS (network-attached storage) devices are reportedly being either hidden or deleted. So, the attackers are demanding ransom in Bitcoin for the return of the victim’s files.
As reported by The Next Web:
“Iomega network storage devices have a publicly accessible front-end, so users can access their files over the internet. This is a great feature if you want to run your own “cloud” on your home network, but if you don’t appropriately secure it, the device will be open for the world to see.”
Following the attack, victims are finding their NAS drives empty asides for a txt file with the name “YOUR FILES ARE SAFE!!!” One of the notes for the attackers demands $280 in Bitcoin (0.03 BTC). With this, attackers gibe the victims a time limit to pay them by 1st August 2019 or the files will be gone for good.
With today being the 3rd, we can only hope that the victims got back their crypto but at the time of writing, it is unknown.
Every victim seems to be getting special treatment as the attackers have generated new messages for every individual. Although it’s worth saying that it isn’t quite clear if it’s the same group of hackers responsible for the attacks themselves, but it is suspected to be so.
Each ransom note appears to list a different Bitcoin address and the amount of Bitcoin hackers demand varies between 0.01 and 0.05, or $100 and $470 respectively.
A lot of data hacks have been known to go into six figures so this is actually a really low amount. Especially, when you consider these attacks are most likely on individuals, hackers might be hoping that the low price is just enough to lure the victims in to actually pay them.
One of the addresses used in the attack has received nine payments since June 27th so it seems that this has worked on some of them. So far, almost $2,000 has been put into the address.