Ivan Kwiatkowski is a well-known hacker and researcher in computer security, he recently went through an incident that he probably won't be able to forget soon, especially since he managed to trick two scammers, specialized in tricks, into installing his ransomware which encrypted their HDDs.
Totul It started the day Kwiatkowski's parents accessed a web page that displayed an alert telling them that their computer had been infected with a virus called Zeus and that they should call a helpline for to receive help in order to devirus the computer.
Interested in discovering the people behind the problem, he created a virtual machine in which he installed Windows XP, accessed that website, called the telephone number for the technical assistance line and thus ended up talking to the people who were trying to steal the money to his parents, without them knowing.
The scammers asked him to install an application that would allow them to access his computer to help him with the devirus, they tried to prove the fact that that computer is infected by various methods, including by opening Command Prompt and typing phrases like "infected ”, “broken ip”, or “1452 virus”.
Without ever implying that he knew the scammers' plan, Kwiatkowski agreed to give them the information of "a" credit card in order to buy from them a software that would devirus his computer, but of course that the data provided by to him they were completely invented.
After several unsuccessful attempts to withdraw money from "his card", Kwiatkowski offered to send the scammers a picture of his credit card, but in reality that picture hid a ransomware, called Locky, which, as soon as it was downloaded, began to encrypt the data from the HDDs of the scammers.
Of course, the scammers tried to access that image and reported Kwiatkowski's failure, he gave them several more fabricated credit card numbers, and after other unsuccessful attempts and more encrypted data, the scammers gave up and gave up. he also "sells" the antivirus software to the computer security researcher.
I tried opening your photo, nothing happens. Are you sure? Sometimes my pictures have a problem opening on MacOS, are you on Windows? Your pictures are corrupted because your computer is infected. This is why we need to take care of this. And while a background process quietly encrypts his files, we try paying a couple more times with those random [credit card] numbers and he finally gives up, suggesting that I contact my bank and promising to call me back next Monday.
In order to fool the scammers, he relied on the fact that they always start from the presumption that all those who call them are naive and can be fooled easily, but in the end they were the ones who ended up being fooled by the method by which they probably stole large sums of money from many people.
