January 31, 2018

Hackers Are Now Intercepting Ransomware Payments

For years, we have been cautioning our readers against making ransomware payments after an infection. The top reasons are that you don’t know what kind of criminal organization you are supporting in the process, and there is no guarantee that it will work.

Now, there is another reason to avoid making a ransomware payment if you can.

Hackers have discovered a way, using a Tor proxy service, to intercept payments and funnel them into their personal bitcoin wallets. This strategy, which is a new type of man-in-the-middle attack, adds an interesting twist to the ransomware pandemic. Now, it doesn’t matter if you pay or if you don’t pay. The ransomware operators may never receive the funds that you send.

To deploy this type of attack, hackers first ask victims to download the Tor browser and buy cryptocurrency so they can make a private payment. The hacker typically includes a link to a Tor proxy, which is a website that translates Tor traffic into standard Internet traffic. Then, the hacker will use a specific Tor gateway to modify the bitcoin wallet address and redirect the payment into a personal account.

So keep this in mind when your business eventually gets hit with ransomware. Paying the ransom may seem like the fastest and most cost-effective way to get your data back. But you could very well just be throwing money away if you choose to go this route, and funding a complete stranger in the process.

I wish there were an easy way to fix this problem, but there isn't. This is the reality that we are now faced with. The best you can do is add multiple layers of security to your network, make sure your systems are up to date with the latest security patches, and educate your end users about how to avoid ransomware online. If you take these precautions, you could avoid winding up in a situation where you have to decide whether to make a payment or kiss your data goodbye forever.

Here are some of the areas all organizations looking to promote a cybersecurity culture need to focus on.

1.    Cybersecurity training must be done regularly.

2.    Auditing and documentation must be performed regularly to ensure systems are secure.

3.    Anomaly detection should be running constantly to detect threats as they emerge.

4.    Penetration testing shows if systems can easily be reached from the outside. Here is a case where this test might have saved two companies’ reputations from being destroyed.

5.    Network forensics for when a breach eventually occurs. The bad guys always seem to get in eventually.

6.    An action plan to follow when a breach does occur. Once it happens, few will have the clear heads needed to “wing it” correctly. Equifax botched its response in what is being called a PR catastrophe.

To ensure your organization is safe – even if you have internal IT, hire an experienced MSP or MSSP like Apex Technology Services.
