Connect with us

Hi, what are you looking for?



Hackers Demand Bitcoin Ransom Following New Wave of Attacks

European and Israeli companies were targetted in a new type of ransomware attack called Pay2Key. At least four companies have already paid the requested ransom in bitcoin.

A group of researchers has located a new type of ransomware attack called Pay2Key executed against several Israeli and European companies. The perpetrators have requested the ransom to be paid with bitcoins, which the researchers have followed the funds to an Iranian cryptocurrency exchange.

A New Ransomware Attack On Israeli And European Firms

The updated research from the cybersecurity company CheckPoint reveals several that firms based in Israel have complained about being attacked in the past few weeks. They all reported that this ransomware had spread rapidly across their networks while leaving most parts encrypted along with a ransom note threatening to leak stolen corporate data unless the victim pays a demand.

Although the so-called Pay2Key attack was initially targeting Israeli companies only, new reports emerged claiming that at least a few European countries have fallen victims as well.

The research highlighted that some of the companies decided not to pay the ransom. The perpetrators stood true to their word and published their information online.

To do so, they created a new Onion website and inserted designated folders for each of the victims. So far, there have been three folders with firms’ details – all Israeli companies.

The Bitcoin Trace Imply Iranian Involvement

As mentioned above, the unknown attackers requested the demand to be paid in bitcoins. Each ransom note sent to the victims contained a Bitcoin address to which the victims need to send the funds. According to CheckPoint, at least four victims decided to pay.

As the transparent nature of the BTC blockchain stores all transactions, the researchers were able to follow the payments. They saw all transactions ending up on one address. From that point forward, the funds were redirected to a high activity wallet, which is typically associated with cryptocurrency exchanges.

Additionally, the researchers compared and verified that this final wallet belonged to an Iranian digital asset platform dubbed Excoino.

In case Excoino users want to withdraw funds, they need to provide a valid Iranian phone number, an ID/Melli code, and a copy of the ID. The exchange’s terms and conditions also read that the first transaction (or any suspicious transactions) will be reported to the Iranian Cyber Police (FATA) for further investigation.

Consequently, the researchers concluded that the owners of the final wallet could be Iranian citizens, “who most probably are behind the Pay2Key attack on Israeli companies last week.”

News Source


Trending Post


ChainLink is basically very exciting.  Users have to state that it stirs the imagination and passions of the community in ways that other projects...


Senseering offers an IOTA-based solution to create a marketplace for data that can be shared among partners. Senseering’s solution will be used in collaboration...


Cryptocurrency investment is becoming a common trend. In the fourth quarter of the year, when investments are said to start doing well, how are...


VeChain (VET), BTCMVMNT, and Team Zuby have joined forces to create a limited-edition merchandise collection dubbed “Take the Power Back.” The team says the...

Copyright © ELEVENEWS