'Robin Hood of ransomware' wreaks revenge on shady businesses

News
By published

A hacking group has begun targeting companies carrying out “loan scams”

(Image credit: Shutterstock)

A group of hackers is fighting back against online scammers by targeting “scam” companies with ransomware and denial of service attacks.

A new ransomware called MilkmanVictory was recently discovered online and the hackers behind it, who call themselves CyberWare, revealed in a post on Twitter that they created it specifically to send to scammers.

BleepingComputer also spoke to the group who said they have begun targeting companies performing what they refer to as “loan scams”. In these scams, victims are told that they will receive a loan after making a payment to a company but in reality there is no loan and no way for them to get their money back.

This isn't the first time we've seen hackers targeting other hackers as back in March of this year, Cybereason discovered that hackers were modifying existing hacking tools by injecting a powerful remote-access Trojan into them.

Targeting scammers

As part of its new campaign against scammers, CyberWare is sending phishing emails containing links to executables disguised as PDF files. The group is also conducting denial of service attacks to bring down scam company's websites.

The MilkmanVictory ransomware is being distributed as a destructive wiper attack as it does not provide victims with a way to contact the attackers and does not save the encryption key. Instead victims receive a ransom note on their computers which reads: “Hello!, This computer has been destroyed with the MilkmanVictory Ransomware because we know you are a scammer! - CyberWare Hackers :-)”.

Apparently the new ransomware is based on HiddenTear and because of this, if a key is not saved, it can still be decrypted using brute force attacks.

CyberWare claims to have targeted the German Lajunen Loan company with a DDoS attack and emails spreading its ransomware. At the time of writing, the company's website is still down which gives credence to the group's claims.

Via BleepingComputer

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Latest in Security
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
An abstract image of digital security.
Fake file converters are stealing info, pushing ransomware, FBI warns
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Coinbase targeted after recent Github attacks
hacker.jpeg
Key trusted Microsoft platform exploited to enable malware, experts warn
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Latest in News
Disney Plus logo with popcorn
You can finally tell Disney+ to stop bugging you about that terrible Marvel show you regret starting
Girl wearing Meta Quest 3 headset interacting with a jungle playset
Latest Meta Quest 3 software beta teases a major design overhaul and VR screen sharing – and I need these updates now
Philips Hue
Philips Hue might be working on a video doorbell, and according to a new report, we just got our first look at it
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
A fresh Samsung Galaxy S25 Edge leak hints at a 2K display and a titanium frame
Hatch Restore 3 in Putty
You can finally start your day with The Office theme song, and I couldn't be more excited
More about security
An abstract image of digital security.

Fake file converters are stealing info, pushing ransomware, FBI warns
Microsoft

"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.

A fresh Samsung Galaxy S25 Edge leak hints at a 2K display and a titanium frame
See more latest
Most Popular
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
A fresh Samsung Galaxy S25 Edge leak hints at a 2K display and a titanium frame
Philips Hue
Philips Hue might be working on a video doorbell, and according to a new report, we just got our first look at it
SDUNITED AX835-025FF mini PC
This mini PC with the incredible Strix Halo APU is yet another sign AMD may have given up on big brands for bleeding edge tech
Disney Plus logo with popcorn
You can finally tell Disney+ to stop bugging you about that terrible Marvel show you regret starting
Girl wearing Meta Quest 3 headset interacting with a jungle playset
Latest Meta Quest 3 software beta teases a major design overhaul and VR screen sharing – and I need these updates now
Hatch Restore 3 in Putty
You can finally start your day with The Office theme song, and I couldn't be more excited
Dell Pro Max with GB300
HP and Dell's latest Nvidia powered PCs are likely to be some of the most expensive workstations ever launched
Shape of Russia filled with Russian flag-colored internet codes on a black hacking background
A new wave of blocks in Russia targets VPN apps and Cloudflare subnets
An abstract image of digital security.
Fake file converters are stealing info, pushing ransomware, FBI warns
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand