hackOfficial software can be expensive, which is why sometimes people turn to piracy because they have no choice. This isn’t to say that this is a justified alternative, but it happens. Unfortunately for a European biomolecular research institute, it seems that one of the decisions by a student working at the lab has resulted in a ransomware attack.
According to the report, one of the university students that the lab works with decided to download a pirated version of a data visualization software from a warez site. However, it turns out that this pirated version of the software was actually a trojan in disguise that logged keystrokes, stole clipboard history, and passwords.
However, according to Sophos’ Rapid Response team which helped neutralize the attack, it’s likely that the operators of the pirated software and the ones that launched the Ryuk attack are different people, so it is possible that the attackers who launched the ransomware attack bought the credentials stolen from the trojan.
Thankfully no ransom was paid, but the research lab lost about a week’s worth of research data and suffered a week-long network outage as the servers had to be rebuilt from scratch and data had to be restored using backups.