Security isn’t as black and white as people think, sometimes people do the bad things for the right reasons. This is the area that ethical hackers deal with, testing websites by employing the same techniques that those who want to cause harm or profit from your information illegally. Imagine the surprise then when a site used to support these ethical hackers was caught spreading ransomware this week.
Ransomware is a particularly nasty version of malware (malicious software) that works by encrypting your data, meaning you either pay the fee they want or potentially lose access to your data forever. Recently it’s affected several hospitals and even the FBI say you should just pay.
EC-Council is responsible for administrating the ethical hacker program, a system by which people can become trained and certified that their hacks are for legitimate and protective reasons, rather than malicious and illegal.
The site started spreading TeslaCrypt on Monday and seems to be targeting specific people. Those who visit the site using Internet explorer and only when they are redirected from a search engine are affected. If this didn’t cause enough trouble the hack seems to also use people’s IP addresses to determine their geographic location, meaning it targets a narrow group of people and makes its behavior seem more erratic, and thus harder to track and fix.
Requesting 1.5 bitcoins (around £442), the redirect exploit that allowed the ransomware to be installed was published by FOX News on Thursday after attempts to alert them privately yielded no responses.
Ethical hacking is a difficult business, with some companies considering you more foe than friend, but the help they provide stops issues like this (ironically) from happening.