Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Victims. Show all posts

Canadian Cybercriminal Sentenced to Two Years Agrees to Return All Victims for Stolen Funds

 

A Canadian hacker hailing from Ottawa, Matthew Philbert, known for his prolific cyber exploits, particularly targeting individuals, has been sentenced to a two-year prison term.

Philbert's modus operandi involved infecting computers with malware, gaining unauthorized access to devices, and manipulating them for financial gain. His unlawful activities encompassed a variety of tactics, including siphoning funds from bank accounts and employing ransomware to extort money from victims.

Philbert's criminal endeavors, which affected over 1,000 victims, ranged from individuals to businesses, even extending to three police departments. His preferred method of attack typically involved sending deceptive emails containing malicious attachments, which, upon opening, facilitated the infiltration of the victim's device. 

Once inside, Philbert would exploit the compromised systems to conduct unauthorized transactions or deploy ransomware, effectively holding devices hostage until a ransom was paid.

In 2021, Philbert's criminal activities were brought to a halt following his arrest by the Ontario Provincial Police, leading to his subsequent imprisonment. During the investigation, authorities discovered 0.61943121 Bitcoin (BTC) in Philbert's possession, which was seized as part of the legal proceedings.

Having pleaded guilty to charges of fraud and related offenses, Philbert has committed to providing full restitution to his victims. The seized Bitcoin, amounting to approximately $49,200, will be utilized to reimburse all affected parties for their losses. This initiative ensures that victims receive compensation for the financial harm inflicted upon them by Philbert's cybercrimes.

Ransomware Profits Shrink, as Victims Refuse to Pay

 

As per data from blockchain analysis firm Chainalysis, ransomware revenue for 2022 has dropped from $765.6 million to at least $456.8 million, representing a -40.3% year-over-year drop. The number of attacks is as high as it has ever been, but the number of victims who refuse to pay the ransom has increased as well. 

Working with Coveware, Chainalysis has observed a significant decrease in the number of ransomware victims willing to pay: 76% in 2019, but only 41% in 2022. According to Chainalysis, this is a "highly encouraging" trend that is likely influenced by a variety of factors. 

Ransomware victims have realized that even if they pay the ransom, there is no guarantee that their data will be handed back or that the ransomware actor will delete the "stolen" files instead of selling them on the dark web. But since the public perception of the ransomware phenomenon has matured, data leaks no longer pose the same risks to brand reputation as they did in previous years.

Companies and government agencies, which are the primary targets of modern ransomware operations, have also improved their backup strategies, making data recovery a much cleaner and easier process than it was only a few years ago.

Insurance companies are also much less likely to permit their customers to use an insurance payout to satisfy a ransom demand. Eventually, because many ransomware operations are based in Russia, victims who choose to pay may face harsh legal consequences as a result of the country's economic sanctions following the invasion of Ukraine.

Despite the fact that victims are not paying as much as they used to, the ransomware industry is far from dead: in 2022, the average lifespan of file-encrypting-malware strains has dropped from 153 days to just 70 days year on year. The "Conti" ransomware operation ended, while other ransomware-as-a-service (raas) operations, such as Royal, Play, and BlackBasta, went live. At the end of 2022, LockBit, Hive, Cuba, BlackCat, and Ragna were still in business (and still demanding ransom payments).