New Ransomware Demands Discord Gift Codes Instead of Crypto

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

This site may earn affiliate commissions from the links on this page. Terms of use.

Ransomware is an unfortunate reality of the modern digital age, and you may think you’ve seen it all after major malware attacks like NotPetya and Maze. However, NitroRansomware has a new trick up its sleeve. Rather than asking victims to pay the ransom with cryptocurrency, it asks for a Discord gift card. 

You might be thinking that Discord is a free chat platform, and you’re right. Casual Discord users might not even know that there is a paid version of the service. For $9.99 per month, you can get Discord Nitro, which includes perks such as HD video streaming, more emoji, and larger file uploads. When buying Nitro, you can choose to apply it to your account or get a gift link. That’s what the latest ransomware is after. 

The malware reportedly makes its way onto systems by pretending to be a tool that allows the user to generate free Nitro gift codes, according to BleepingComputer. So, anyone who installs it will get very much the opposite of what they wanted. As with all other forms of ransomware, NitroRansomware sets up shop and encrypts the documents folder, appending a .givemenitro extension to the scrambled files. It also changes the user’s wallpaper to an angry Discord logo (above) before popping up the demand for payment. 

Victims of the ransomware are given three hours in which to buy a Nitro code and enter it in the box. When a valid code is added, the malware decrypts the files with an embedded key. That key is stored inside the EXE, making it possible to salvage your files without paying the price — it’s not the most sophisticated malware in the world. However, it does try to steal your data because why not?

The malware decrypts files after getting a valid Discord gift link, but the keys are static and hidden in the EXE.

Upon installation, NitroRansomware searches for the user’s Discord installation directory and copies the login tokens….


Coinbase hangover rattles crypto assets with bitcoin in free fall, Telecom News, ET Telecom

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.

By Shamim Adam and Emily Barrett

The mania that drove crypto assets to records as Coinbase Global Inc. went public last week turned on itself on the weekend, sending Bitcoin tumbling the most since February.

The world’s biggest cryptocurrency plunged as much as 15% on Sunday, just days after reaching a record of $64,869. It subsequently pared some of the losses and was trading at about $56,440 at around 8:25 a.m. in Tokyo Monday.

Ether, the second-biggest token, dropped as much as 18% to below $2,000 before also paring losses. The volatility buffeted Binance Coin, XRP and Cardano too. Dogecoin — the token started as a joke — bucked the trend and is up 7% over 24 hours, according to CoinGecko.

The weekend carnage came after a heady period for the industry that saw the value of all coins surge past $2.25 trillion amid a frenzy of demand for all things crypto in the runup to Coinbase’s direct listing on Wednesday. The largest U.S. crypto exchange ended the week valued at $68 billion, more than the owner of the New York Stock Exchange.

“With hindsight it was inevitable,” Galaxy Digital founder Michael Novogratz said in a tweet Sunday. “Markets got too excited around $Coin direct listing. Basis blowing out, coins like $BSV, $XRP and $DOGE pumping. All were signs that the market got too one way.”
Coinbase hangover rattles crypto assets with bitcoin in free fallDogecoin, which has limited use and no fundamentals, rallied last week to be worth about $50 billion at one point before stumbling Saturday. Demand was so brisk for the token that investors trying to trade it on Robinhood crashed the site a few times Friday, the online exchange said in a blog post.

There was also speculation Sunday in several online reports that the crypto plunge was related to concerns the U.S. Treasury may crack down on money laundering carried out through digital assets. The Treasury declined to comment, and its Financial Crimes Enforcement Network (FinCEN) said in an emailed response on Sunday that it “does not comment on potential investigations, including on whether or not one exists.”

‘Price to Pay’
“The crypto world is waking up with a bit of a sore head today,” said Antoni Trenchev, co-founder of crypto lender Nexo. “Dogecoin’s 100% Friday rally…


The perils of suing crypto exchanges after ransomware attacks

In October 2019, unknown hackers infiltrated a Canadian insurance company by installing the malware BitPaymer, which encrypted the firm’s data and IT systems. The hackers demanded a ransom of $1.2 million be paid in Bitcoin (BTC) in return for the decryption software needed for the firm to regain access to its systems. 

The firm’s United Kingdom-based insurer — known only as AA — arranged to pay the BTC ransom, and the firm’s systems were back up and running within a few days. Meanwhile, AA started the process of seeking legal avenues to recover the BTC obtained by the hackers. It engaged the blockchain investigations firm Chainalysis, whose investigations revealed that 96 of the 109.25 BTC paid had been transferred to a wallet linked to the Bitfinex exchange.

So far, this story is (unfortunately) far from unusual. Bitcoin accounts for the vast majority of ransomware payments due to its anonymity, accessibility (making it easier for victims to pay the ransom) and verifiability of transactions (allowing criminals to confirm once payment has been made). What is unusual about this story, however, is that it sparked a 14-month-long legal battle between AA and Bitfinex, one that only recently concluded after AA discontinued its claim against Bitfinex in the U.K. High Court.

Having traced the stolen BTC to Bitfinex’s platform — and with the identity of the hackers still unknown — AA started its litigation against Bitfinex in December 2019. Again, this is not unusual: U.K. courts have a wide range of remedies at their disposal to assist victims of fraud in trying to recover their assets. In instances where banks, exchanges or other intermediaries may find themselves unknowingly receiving or holding misappropriated or stolen assets, victims of fraud have been able to rely on:

  • Norwich Pharmacal orders, which require a third party to disclose certain information to the applicant that will assist in recovery efforts. In this context, the information would be the identity of the wallet holder to which the BTC was traced, and/or details of any other transactions involving the BTC since receipt by the wallet linked with the exchange.
  • Freezing orders that prevent defendant…


Will FinCEN’s Crypto Conundrum Hurt Ransomware Victims?

Ransomware was invented 30 years ago when an AIDS researcher mailed between 10 and 20 thousand 5.25 floppy disks emblazoned with the name “AIDS Information Version 2.0,” to people and business around the world. Over the past 30 years, much has changed including our use of computers which now, instead of being attached to cathode ray television sets, fit into our pockets. The trajectory, from floppy disks in the 80’s, to e-commerce by the early 2000s, has culminated in the minting of digital money. Since then, as the use of cryptocurrency has grown, other industries have grown with it. One industry, often overlooked, is ransomware. Ransomware is a plague on businesses world-wide. Indeed, the  U.S. government recommends not paying these ransoms. New guidance, however, issued by the Financial Crimes Enforcement Network (“FinCEN”) to the industry in late 2020, takes this too far; it threatens to impose sanctions on the insurance industry that has bloomed around cyber crime and will likely hurt the victims, not the criminals.

Ransomware is Everywhere

“Today, ransomware is a booming business for cyber criminals, making cyber insurance a business imperative.” Says Bridget Choi, the General Counsel of Kivu Consulting, a digital forensic-incident response (“DFIR”) firm, who leads their regulatory program. “Since the boom, cyber insurance has become a billion-dollar industry.” Originally designed to be a risk transfer should a network go down and a business lose revenue, cyber insurance is now frequently used to protect against and respond to ransomware attacks. And cyber insurance claims happen to be an excellent metrics for tracking these cyber-attacks. “As recently as 2013, the large cyber-claims were typically well-known data or payment card data security breaches,” explains Choi. “With the growth of digital payments and cryptocurrency, the cyber threat landscape has changed.” Indeed, the FBI estimates that “$144.35 million in Bitcoin have been paid” for ransomware attacks between 2013 and 2019. Estimates for ransomware payments for 2020—based in part on the surge in remote work spurred by COVID-19—reached…