— tartarus_destroyer (@detoxransome) July 26, 2015
— tartarus_destroyer (@detoxransome) July 24, 2015 DetoxRansome has been demanding ransom from BitDefender according to Forbes. The hacker has even showed the Thomas Brewster of Forbes the unencrypted usernames and passwords purportedly belonging to the BitDefender customers. BitDefender in a emailed statement has stated that it found a potential security issue with a server and determined a single application was targeted – a component of its public cloud offering. BitDefender added that the hacker could not penetrate the server but had gained access to a few usernames and passwords due to a vulnerability. The company did not state as to how many customer user accounts were compromised but said that the compromised customers were“less than one per cent of our SMB customers.” Researchers, Travis Doering & Dan McPeake from the Hacker Film stated on their blog that DetoxRansome had demanded $15000 as ransom from BitDefender on 24th July in return for the stolen data base and the exploit which the hacker used. Further the hacker had threatened to leak the database if the ransom demand was not met.
When the BitDefender took their tweet lightly, they tried again to convince BitDefender to pay up the ransom amount on 25th July. Hacker Film notes that, The data that the hacker dumped online contained 250 customer usernames and passwords and were confirmed by BitDefender to be active customers of their firm. On Tuesday, 28th July in another email, DetoxRansome said they had taken control of two BitDefender cloud servers and “got all logins” contrary to the BitDefender’s statement. The Romania based AV firm has not yet paid the ransom demanded by the hackers and said that the authorities were investigating the matter. The Hacker Film noted on 29th July that the BitDefender compromised data was being sold on the Dark Web underground forums. Of late, anti virus makers have been targeted by the cyber criminals. Earlier it was reported by the NSA contractor cum whistleblower, Edward Snowden that NSA had targeted almost all major antivirus companies including BitDefender. Close on the heels of that revelation, Google researcher, Tavis Ormandy discovered worrisome flaws in ESET antivirus on 24th June, 2015.
