HamOfWisdom t1_j5zhk70 wrote on January 26, 2023 at 5:23 PM

Reply to comment by JohnGillnitz in FBI has seized website used by notorious ransomware gang by Bananaramas

I remember reading a story about how a hacker who made a banking virus later ended up solving a massive ransomware attack by simply obtaining the domain and routing it back to oblivion, essentially.

Probably skimming over a lot but it was a pretty interesting story. I think the channel Disrupttv (or maybe just disrupt) was who posted it. Fun watch, I'll find a link once I'm not at work!

arnielsAdumbration t1_j5znkdw wrote on January 26, 2023 at 6:00 PM

Was it this article?

WE-NEED-MORE-CATS t1_j5zy0t4 wrote on January 26, 2023 at 7:05 PM

Holy shit this article was an AMAZING read

[deleted] t1_j61kq08 wrote on January 27, 2023 at 1:33 AM

[removed]

ferrusmannusbannus t1_j63tnbn wrote on January 27, 2023 at 2:56 PM

Damn, glad this kid didn’t get completely screwed. I remember those early hackforums days and people used to do wiiiiiiild shit on there.

Noocawe t1_j63yoso wrote on January 27, 2023 at 3:30 PM

That's a great read, I had never even heard of this guy before. Thanks for sharing.

E_D_D_R_W t1_j5zxxv3 wrote on January 26, 2023 at 7:05 PM

If the other commentor is correct and you're thinking about WannaCry, that's kind of the gist of it. The malware was hard-coded to only do its thing if it couldn't connect to a particular (previously unregistered) DNS domain. Thus registering that domain "triggered" the kill-switch and stopped any future infections of that version of WannaCry. Per wikipedia, later versions didn't have that vulnerability.

L00pback t1_j606gpu wrote on January 26, 2023 at 7:58 PM

Oh god I hated wannacry. Self-replicating shit was a pain in the ass because lab owners don’t patch shit.

[deleted] t1_j62xm46 wrote on January 27, 2023 at 9:37 AM

[removed]