There’s so much bad news about computer security that we sometimes forget to applaud when something good happens.
Let’s change that right now.
Victims of Rex Mundi included Dominos Pizza, which refused to pay a ransom after the the personal details of some 650,000 customers were stolen by the hackers.
The hackers created a website on the dark web for the purposes of disseminating data that they had stolen.
In a statement, Europol detailed an attempted extortion last year which ultimately resulted in the arrest of gang members:
In May 2017 a British-based company was the victim of a cyber-attack during which a large amount of customer data was compromised. The attack was immediately claimed by an organisation called Rex Mundi.
A few days later, the company received a phone call from a French-speaking person explaining that he was a member of Rex Mundi. This person shared a large number of credentials with the company to prove that they had access to the data.
The corporate victim was told that they would have to pay almost EUR 580,000 to prevent customer data from being disclosed, or EUR 825,000 for information on how the hackers breached security. To increase pressure further, the company was told that for every day that it failed to pay, there would be an additional ransom of EUR 210,000.
All payments were to be made in Bitcoin.
The unnamed British firm contacted the UK’s Metropolitan police, who worked with French high-tech crime police and Europol. Within an hour, Europol man aged to link the available information to a French national.
French authorities arrested five people in June 2017. The main suspect admitted his involvement in the extortion, but said he had hired someone else via the dark web to carry out the hack itself.
French Police went on to arrest two hackers in France in October 2017, and the final piece of the jigsaw, also a French national with coding skills, was arrested on 18 May by the Royal Thai Police under a French international arrest warrant.