Hacked Florida Auto Shop Refuses to Fork Out $100,000 Bitcoin Ransom – CCN.com
Per legal documents and a ransom note that was produced in court where the victim obtained a temporary order preventing the domain name from being transferred from its current host, the domain name of XPort Auto Parts Inc, xportautoparts.com was stolen on August 15th.
Stolen in the US, parked in Russia
The domain name was hosted on GoDaddy servers but was transferred to a Russia-based domain name registrar and hosting provider Reg.ru by the hacker. The current server location of the stolen domain name is Russia.
Information obtained from website analysis tool Website Outlook shows that the registered address of the hacker or group of hackers that stole the domain name is in the U.S. This could be true or simply an attempt to obfuscate the real identity of the hacker by using a stolen identity for instance.
Before hijacking the domain name the hacker seemed to have gathered some inside information regarding the Florida online car parts dealer. In the Bitcoin ransom note the hacker disclosed that between February and August 2019, the business had generated revenues of approximately $400,000.
Bitcoin ransom hacker researched background info on victim
“You made 400k$ Gross for the past 6 months, so my price of this and all other domains is 10BTC.”
Unlike other similar ransomware attacks where the hackers suggest resources that the victim could use to get a primer on using Bitcoin, this particular one was aware that the victim was cryptocurrency-savvy even going to the extent of mentioning the victim’s cryptocurrency exchange account:
Victim on Bitcoin ransom: Can’t pay, won’t pay
Unfortunately for the hacker, the online auto parts dealer failed to comply and instead sought the help of the hosting services provider managing to get the hosting account back. The domain name, however, remained in the hands of the hacker.
Consequently, the hacker halved the period by which the Bitcoin ransom would have to be paid to 24 hours. This was roughly seven hours after the first demand was made. The hacker also threatened to double the ransom if the new instructions were not complied with.
Six days later (144 hours) the Bitcoin ransom still hadn’t been paid and the frustrated hacker had been reduced to writing in all caps!
Last modified (UTC): September 12, 2019 4:07 PM