It is commonplace for regulation enforcement businesses to supply substantial rewards for data which could result in the identification, arrest, and conviction of cybercriminals.
As an example, we’ve got seen a US $10 million reward for suspected LockBit ransomware mastermind Dmitry Yuryevich Khoroshev, a $2.5 million bounty provided for the arrest of a key particular person suspected of involvement with the Angler Exploit Equipment, and a $10 million reward provided for details about the Russian navy hackers implicated within the NotPetya assault, amongst many different examples.
So it in all probability did not appear so unusual that an array of cybersecurity information retailers introduced final week that Europol was providing a reward of as much as $50,000 for details about two senior members of the Qilin ransomware gang.
Sadly, it wasn’t true.
As Bleeping Pc stories, a brand new Telegram channel known as @europolcti was created earlier this month and that’s the place the faux information of the $50,000 reward was posted moderately than on Europol’s web site, or official social media accounts.
The textual content of the faux reward supply learn partly:
Through the course of ongoing worldwide investigations, we’ve got confirmed that the cybercriminal group Qilin has carried out ransomware assaults worldwide, severely disrupting crucial infrastructure and inflicting vital monetary losses.
The message continued by claiming that Europol had recognized that Qilin gang’s main directors, who oversaw extortions and co-ordinated associates, used the net aliases “Haise” and “XORacle”.
A reward of as much as $50,000 is obtainable for data that instantly results in the identification or location of those directors.
Now, that actually could be information value writing about if it had been true (though, if I might be churlish, I view the dimensions of the reward as probably not being in the identical league as different bounties provided previously), however it has been confirmed as nonsense by Europol itself.
As with a lot of social media, it is easy for anybody to create an account claiming to be whoever they like. And if any posts they make occur to generate some traction, it could actually quickly be the case that the information is multiplying and spreading uncontrolled all over the world.
So, why precisely did somebody put up information of a faux bounty for data resulting in members of the Qilin ransomware gang?
Effectively, a potential rationalization is likely to be present in a subsequent put up on the channel from somebody calling themselves “Rey”:
This was really easy o run and idiot so known as ‘Researchers’ and ‘Journalists’ that simply copy stuff.. Thanks all!
Europol’s Qilin ransomware bounty could also be nonsense. However the ransomware itself is a severe menace, and no laughing matter. Earlier this yr an official investigation linked an assault by Qilin in opposition to a UK NHS supplier as being one of many elements that precipitated a affected person’s demise.
