The hackers behind a ransomware attack ran into a problem this week when a security researcher discovered a flaw in their payment system, helping victims save $27,000 on potential losses. The researcher in question is Stanford University student Jack Cable. Cable received a call from a family friend on Wednesday. The friend needed help because his computer was locked by cybercriminals. As a doctor, it was imperative he get access back as soon as possible. The doctor was prepared to pay the ransom when Cable looked at the payment system.
The hackers demanded 0.01 bitcoin from the doctor, which was around $550 at the time. Cable, who has experience as a cybersecurity adviser for the Department of Homeland Security during the recent 2020 election, realized he could change one letter to uppercase in the “transaction ID” used to track payments, the system would mistake the input, thinking it came from someone who had paid, and unlock the files.
The ransomware, QLocker, has made quite an impact in recent days. The ransomware targets network storage systems from QNAP Systems. The firm confirmed the attacks on Thursday, adding that it was working to create a “solution to remove malware from infected devices.”
Cable sent out a tweet asking victims to contact him so he could help them. Cable says 50 people responded to his message and he helped them recover their files using the glitch he used with the doctor. Altogether, Cable helped save a combined $27,000 in ransomware payments.
The glitch has since been fixed, but Cable secured a small but significant win against the slew of ransomware incidents affecting the United States.