Tobias Frömel, is a German software developer, who was a victim of the Muhstik ransomware. Frömel initially paid the ransom to decrypt his files, but later decided to get his revenge on the crooks.
The expert hacked the server used by the Muhstik ransomware gang and released the decryption keys for all the victims of the group.
Attackers first get access to the NAS devices through
This ransomware targets network-attacked storage (NAS) devices made by Taiwanese hardware vendor QNAP. The gang behind the Muhstik ransomware is brute-forcing QNAP NAS devices that use weak passwords for the built-in
“The Muhstik ransomware is reportedly being used to target QNAP NAS devices. Devices using weak SQL server passwords and running
“We strongly recommend that users act immediately to protect their data from possible malware attacks.
The developer published on Pastebin the 2,858 decryption keys found on the hacked server and clarified that he was aware that the hack back is not legal.
Frömel also published a
In the meantime, Frömel has been busy notifying Muhstik victims on Twitter about the
According to ZDNet, which first reported the news, Frömel notified authorities and also provided information to track down members of the Muhstik gang.
This case highlights the importance of working with the authorization of law enforcement before conducting hacking back.
(SecurityAffairs – Muhstik ransomware, hacking)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.