It is common for regulation enforcement companies to supply substantial rewards for data which could result in the identification, arrest, and conviction of cybercriminals.
For example, we’ve seen a US $10 million reward for suspected LockBit ransomware mastermind Dmitry Yuryevich Khoroshev, a $2.5 million bounty supplied for the arrest of a key individual suspected of involvement with the Angler Exploit Equipment, and a $10 million reward supplied for details about the Russian navy hackers implicated within the NotPetya assault, amongst many different examples.
So it most likely did not appear so unusual that an array of cybersecurity information shops introduced final week that Europol was providing a reward of as much as $50,000 for details about two senior members of the Qilin ransomware gang.
Sadly, it wasn’t true.
As Bleeping Laptop stories, a brand new Telegram channel known as @europolcti was created earlier this month and that’s the place the pretend information of the $50,000 reward was posted relatively than on Europol’s web site, or official social media accounts.
The textual content of the pretend reward supply learn partially:
Through the course of ongoing worldwide investigations, we’ve confirmed that the cybercriminal group Qilin has carried out ransomware assaults worldwide, severely disrupting essential infrastructure and inflicting vital monetary losses.
The message continued by claiming that Europol had recognized that Qilin gang’s main directors, who oversaw extortions and co-ordinated associates, used the web aliases “Haise” and “XORacle”.
A reward of as much as $50,000 is obtainable for data that instantly results in the identification or location of those directors.
Now, that actually can be information price writing about if it had been true (though, if I could be churlish, I view the scale of the reward as not likely being in the identical league as different bounties supplied prior to now), but it surely has been confirmed as nonsense by Europol itself.
As with a lot of social media, it is easy for anybody to create an account claiming to be whoever they like. And if any posts they make occur to generate some traction, it could possibly quickly be the case that the information is multiplying and spreading uncontrolled around the globe.
So, why precisely did somebody publish information of a pretend bounty for data resulting in members of the Qilin ransomware gang?
Properly, a doable clarification could be present in a subsequent publish on the channel from somebody calling themselves “Rey”:
This was really easy o run and idiot so known as ‘Researchers’ and ‘Journalists’ that simply copy stuff.. Thanks all!
Europol’s Qilin ransomware bounty could also be nonsense. However the ransomware itself is a critical risk, and no laughing matter. Earlier this 12 months an official investigation linked an assault by Qilin in opposition to a UK NHS supplier as being one of many components that triggered a affected person’s dying.
