The Medusa criminal organizationwhat rObtained information from the National Securities Commission of Argentina, is closer to realizing his threat. After warning a week ago that it would upload the files to the web if the agency did not pay a million-dollar ransom, they finally published the stolen information, but still did not enable its free download.
To obtain the files, Medusa asks to be contacted through a encrypted messaging system. The specialists’ hypothesis suggests that the group would be interested in selling the information in parts to those who show interest in obtaining it.
“This group of cybercriminals marks the information as published and for two or three days it does not allow anyone to download it from the dark web, but instead asks you to send an anonymous message. It is difficult to know the reason: it could be another attempt to extort money from the affected entity , but I would say that it is more an attempt to sell the information to actors who are willing to pay a price perhaps less than the ransom price,” Maximiliano Firtman, a Systems graduate, explained to El Cronista.
“If they act as in previous opportunities, in a few days the information would be downloadable for anyone,” he added.
Besides, images of the directory tree were released hinting at what kind of information Medusa has in her possession. Thus, they can be seen from photos and screenshots of filesup to the complete tree of computers and directories of the 1.5 TB of information.
The chronicler
hack screenshot
“If everything is real, and the indications suggest that there is a high probability that it is, a lot of private information is seen,” says Firtman.
The specialist lists “from what would be the complete databases of the internal systems of the CNV (including the web portal, Trusts, Common Funds and Ratings), internal documents, complaints, forms with information from financial system actors, file of scanned documents, CVs received by the entity by people who applied for jobs, videos with recordings of hearings with potential infringers of CNV regulations and even photos and private documents of the entity’s employees, such as medical certificates presented in Appeals Humans”.
How the hack was accomplished
On Sunday, June 11, Medusa announced that it had accessed 1.5 TB of internal information from the National Securities Commission, the official body that regulates and supervises the capital market in Argentina.
The criminal organization required the CNV to pay US$10,000 to delay the publication of the data by one day, US$500,000 to delete it, and another US$500,000 to recover it.according to screenshots from the Medusa Blog obtained by BTR Consulting, a firm specialized in cybersecurity.
A week later, Medusa begins to carry out her threat.
