It is common for regulation enforcement businesses to supply substantial rewards for data which could result in the identification, arrest, and conviction of cybercriminals.
For example, we now have seen a US $10 million reward for suspected LockBit ransomware mastermind Dmitry Yuryevich Khoroshev, a $2.5 million bounty provided for the arrest of a key particular person suspected of involvement with the Angler Exploit Package, and a $10 million reward provided for details about the Russian navy hackers implicated within the NotPetya assault, amongst many different examples.
So it most likely did not appear so unusual that an array of cybersecurity information shops introduced final week that Europol was providing a reward of as much as $50,000 for details about two senior members of the Qilin ransomware gang.
Sadly, it wasn’t true.
As Bleeping Laptop stories, a brand new Telegram channel referred to as @europolcti was created earlier this month and that’s the place the faux information of the $50,000 reward was posted quite than on Europol’s web site, or official social media accounts.
The textual content of the faux reward provide learn partly:
Throughout the course of ongoing worldwide investigations, we now have confirmed that the cybercriminal group Qilin has carried out ransomware assaults worldwide, severely disrupting vital infrastructure and inflicting important monetary losses.
The message continued by claiming that Europol had recognized that Qilin gang’s major directors, who oversaw extortions and co-ordinated associates, used the net aliases “Haise” and “XORacle”.
A reward of as much as $50,000 is obtainable for data that straight results in the identification or location of those directors.
Now, that actually can be information price writing about if it had been true (though, if I will be churlish, I view the scale of the reward as not likely being in the identical league as different bounties provided up to now), however it has been confirmed as nonsense by Europol itself.
As with a lot of social media, it is simple for anybody to create an account claiming to be whoever they like. And if any posts they make occur to generate some traction, it may quickly be the case that the information is multiplying and spreading uncontrolled world wide.
So, why precisely did somebody submit information of a faux bounty for data resulting in members of the Qilin ransomware gang?
Effectively, a doable rationalization may be present in a subsequent submit on the channel from somebody calling themselves “Rey”:
This was really easy o run and idiot so referred to as ‘Researchers’ and ‘Journalists’ that simply copy stuff.. Thanks all!
Europol’s Qilin ransomware bounty could also be nonsense. However the ransomware itself is a critical menace, and no laughing matter. Earlier this yr an official investigation linked an assault by Qilin towards a UK NHS supplier as being one of many elements that brought on a affected person’s dying.
