The Bank of Zambia suffered a ransomware attack by the Hive operation on Monday, May 9. Clearly, it established that they were not going to pay the ransom asked by the hackers. They did so by a posting a rather graphic image depicting the male genitalia, with a comment under it. The country’s central bank, Bank of Zambia revealed last week that recent technical outages were a result of a cyberattack.
In a press release, the bank noted that ‘the Bank of Zambia’ wished to let the members of the public know ‘that it experienced a partial disruption’ to some of its IT (Information Technology) services. It specified how the outages owing to the attack occurred on Monday, May 9, 2022. They specified how the sudden disruption occurred owing a suspected ‘cybersecurity incident.’ Specifically, this resulted in the certain systems of the Bank getting affected such as ‘the Bureau De Change Monitoring System and the Website.’ They went on to assure the customers the system impacted had been ‘fully restored.’
Response from the bank:
The Bank of Zambia did not reveal much about the details of the cyberattack conducted by the Hive ransomware operation, claiming to have encrypted the bank’s Network Attached Storage (NAS) device. Clearly, instead of paying the asked ransom, the representative of the bank replied to random negotiation by ridiculing the hackers ’14m3-ski1llz.’ They went on post a link to a rather graphic photograph of the male genitalia, along with an abusive comment. Reports suggest how this was the bank retaliating on the hacking attempts.
After a review of the chat, it looked like unrelated individual hijacked this negotiation. This led to security researcher MalwareHunterTeam to post a poll enquiring if people felt images such as these in a ransom negotiation indicated that it hijacked or whether it was from the victim. Surprisingly, the majority responded it was from the victim. Reports suggested that the Bank’s Technical Director, Greg Nsofu stated they had secured the core systems of the bank, and it was not necessary to engage with the hackers.
If dick pics appears in a payment site page / chat for a victim of a ransomware gang, it means that:
A: some idiot got access to the chat
B: the victim not plans to pay the ransom and so sending some "kind" message the to actors.— MalwareHunterTeam (@malwrhunterteam) May 16, 2022
Ransomware continues to be a significant problem for both home users and enterprises. Clearly, the appropriate action to end this scourge is to just not give to threats and pay ransoms. People hope that such operations would soon die out with couple non payment through more government sanctions and increased law enforcement actions.