Prosecutor's office paid ransom to regain access to its computers; international network busted
The District Attorney’s office in Allegheny County, Pennsylvania, paid nearly $1,400 in bitcoin to get access to its computer network, held hostage by criminals using an international computer malware ring known as the Avalanche.
Court documents unsealed Monday referred to a ransom payment by a Pennsylvania prosecutor’s office, and Allegheny County District Attorney Stephen Zappala confirmed the reference was to his office, report the Associated Press, Pennlive.com and TribLive.com.
The U.S. Justice Department announced arrests and searches in four countries Monday as part of a international law enforcement operation targeting the Avalanche infrastructure. Cybercriminals used Avalanche in schemes involving malware for ransom, stolen banking passwords and laundering of money collected in malware attacks. A press release is here.
Zappala said his office’s computers became infected and encrypted when an employee clicked on a link in an email, which installed the malware. The link appeared to go back to a legitimate government agency.
U.S. Attorney Soo Song spoke about the operation in a press briefing. “This is the first time that we have aimed to and achieved the destruction of a criminal cyber infrastructure while disrupting all of the malware systems that relied on it to do harm,” Song said. “If Avalanche was the bridge that allowed malware to proliferate around the world, through this operation we seized control of the bridge and imploded it.”
