Sunday, February 5, 2023
  • Advertise With Us
  • Write For Us
  • Contact Us
  • About Us
  • Editorial Calendar
Download Latest Issue - Free!
The Cyber Express
Ransomware Report
  • Magazine
  • Firewall Daily
    • All
    • Dark Web News
    • Data Breach News
    • Hacks
    • Ransomware
    • Vulnerabilities
    Voice Networks

    Voice Networks are Under Attack – is Anybody Listening?

    Anonymous Sudan Declares War on American Corporate Giants with Devastating DDoS Onslaughts

    Dominic Alvieri

    After Hive, Will More Ransomware Groups be Taken Down in 2023?

    McEwan Fraser Legal

    ALPHV Ransomware Hits UK Realty Firm McEwan Fraser Legal, 300GB Data On The Line

    Kewal Kiran

    Indian Apparel Manufacturer Kewal Kiran Clothing’s Data Out For Sale

    BATLoader

    Stealthy BATLoader Lurks Under PowerShell Script to Evade Detection and Launch Malware

    Guardian Analytics Data Leak

    Guardian Analytics Data Leak: Ransomware Groups Daixin Team and Lockbit List Firm as Victim

    VectorStealer

    VectorStealer, Unlocking Doors to RDP Hijacking

    Qakbot Malware

    Spammers Deploy Information Stealing Qakbot Malware in OneNote Attachment

  • Essentials
    • All
    • Compliance
    • Governance
    • Policy Updates
    • Regulations
    TRAI

    TRAI Asked to Involve MoD in Drafting Big Data Regulations & Policies

    cybersecurity

    Cybersecurity incidents may soon be ‘uninsurable’

    Australia

    Australia Ropes in Tech Veterans to Set Up Cyber Action Plan

    Active Directory

    Prevent Ransomware: Save the Active Directory

    Privacy Penalty Bill

    Privacy Penalty Bill: Australian Parliament Approves Heavy Fines

    Zero Trust Strategy

    US Department of Defense to Embrace Zero Trust Strategy

    browser hijackers

    Researchers Find Browser Hijackers on Google Chrome Web Store

    DORA proposal

    DORA Proposal for Cybersecurity Awaits Full Approval by Council and ESAs

    Privacy penalty bill

    Australia Privacy Penalty Bill 2022: Pay a $50 Million Fine for Data Breaches

    • Regulations
    • Compliance
    • Governance
    • Policy Updates
  • Features
    • Cyber Warfare
    • Espionage
    • Workforce
      • Learning & Development
  • Business News
    • Startups
    • Mergers & Aquisitions
    • Partnerships
    • Appointments
    • Budgets
    • Research
      • Whitepapers
      • Sponsored Content
      • Market Reports
    • Interviews
      • Podcast
  • Events
    • Webinars
    • World CyberCon Middle East 2023
    • Endorsed Events
  • Advertise
No Result
View All Result
The Cyber Express
  • Magazine
  • Firewall Daily
    • All
    • Dark Web News
    • Data Breach News
    • Hacks
    • Ransomware
    • Vulnerabilities
    Voice Networks

    Voice Networks are Under Attack – is Anybody Listening?

    Anonymous Sudan Declares War on American Corporate Giants with Devastating DDoS Onslaughts

    Dominic Alvieri

    After Hive, Will More Ransomware Groups be Taken Down in 2023?

    McEwan Fraser Legal

    ALPHV Ransomware Hits UK Realty Firm McEwan Fraser Legal, 300GB Data On The Line

    Kewal Kiran

    Indian Apparel Manufacturer Kewal Kiran Clothing’s Data Out For Sale

    BATLoader

    Stealthy BATLoader Lurks Under PowerShell Script to Evade Detection and Launch Malware

    Guardian Analytics Data Leak

    Guardian Analytics Data Leak: Ransomware Groups Daixin Team and Lockbit List Firm as Victim

    VectorStealer

    VectorStealer, Unlocking Doors to RDP Hijacking

    Qakbot Malware

    Spammers Deploy Information Stealing Qakbot Malware in OneNote Attachment

  • Essentials
    • All
    • Compliance
    • Governance
    • Policy Updates
    • Regulations
    TRAI

    TRAI Asked to Involve MoD in Drafting Big Data Regulations & Policies

    cybersecurity

    Cybersecurity incidents may soon be ‘uninsurable’

    Australia

    Australia Ropes in Tech Veterans to Set Up Cyber Action Plan

    Active Directory

    Prevent Ransomware: Save the Active Directory

    Privacy Penalty Bill

    Privacy Penalty Bill: Australian Parliament Approves Heavy Fines

    Zero Trust Strategy

    US Department of Defense to Embrace Zero Trust Strategy

    browser hijackers

    Researchers Find Browser Hijackers on Google Chrome Web Store

    DORA proposal

    DORA Proposal for Cybersecurity Awaits Full Approval by Council and ESAs

    Privacy penalty bill

    Australia Privacy Penalty Bill 2022: Pay a $50 Million Fine for Data Breaches

    • Regulations
    • Compliance
    • Governance
    • Policy Updates
  • Features
    • Cyber Warfare
    • Espionage
    • Workforce
      • Learning & Development
  • Business News
    • Startups
    • Mergers & Aquisitions
    • Partnerships
    • Appointments
    • Budgets
    • Research
      • Whitepapers
      • Sponsored Content
      • Market Reports
    • Interviews
      • Podcast
  • Events
    • Webinars
    • World CyberCon Middle East 2023
    • Endorsed Events
  • Advertise
No Result
View All Result
The Cyber Express
No Result
View All Result
Home Features

How PC Cyborg Ransomware Pioneered Hacker’s Philosophy

Avantika Chopra by Avantika Chopra
August 27, 2022
in Features, Main Story
0
PC Cyborg Ransomware
590
SHARES
3.3k
VIEWS
Share on LinkedInShare on Twitter
Listen to this story

Ransomware has evolved into an arsenal of destruction, causing damages up to $20 billion in 2021. Reports suggest that losses will continue to grow as several hacker groups launch attacks with the sole intent of extortion. Big ransomware groups such as Lapsus$, Hive, and Conti extort billions of dollars from their victims every year. However, as lucrative as it sounds, the oldest ransomware attacks were not as ruthless as they are now. In fact, the first-ever attack initiated by an American doctor asked its victims to pay only $189. The extortion-intended malware came into existence in the form of revenge against the World Health Organization and pioneered the hacker’s philosophy to extort money from its victims.

AIDS Trojan or PC Cyborg Ransomware was the first ever malware created to extort money and was documented in 1989. It was released via a floppy disk and could replace the AUTOEXEC.BAT file in the system. According to sources, the ransomware was released during the World Health Organization’s AIDS conference in 1989. It was distributed to 20,000 doctors and AID researchers who attended the conference.

You might also like

Voice Networks are Under Attack – is Anybody Listening?

Artificial Intelligence: The Bridge Between Utopia and Dystopia

Global Banking Apps Under Attack: Researchers Find ‘InTheBox’ Web Injects

Since the internet and emails were out of the reach of the public in 1989, the ransomware was distributed via a floppy disk labeled “AIDS Information – Introductory Diskettes” and claimed to contain survey files for accessing information related to AIDS patients. However, upon using the computer disk, the researchers discovered that they were dealing with something beyond their knowledge and control — the world’s first ransomware!

Who created AIDS Trojan or PC Cyborg Ransomware?

Regarded as the father of ransomware, Joseph Popp was the sole member of the PC Cyborg Corporation, which oversaw disseminating the AIDS Trojan. After being turned down for a position at the World Health Organization, Popp is said to have distributed the AIDS Trojan as retaliation.

The components of the AIDS Trojan (flashing windows, aggressive colors, and alarming words like “Catastrophic System Error”) made the doctors and researchers who received the virus, panic. They eventually gave in to demands or erased files, destroying years of data as they had no prior experience dealing with malware and ransomware.

The Cyborg Ransomware was one of the earliest pieces of malware that used Trojan and ransomware techniques, despite being relatively weak and having a modest impact.

The nature of the demands—requiring a check mailed to a PO Box in Panama—hindered the virus’s overall efficacy. Many didn’t follow through and preferred deleting their data.

Though the program’s language was confusing, and the encryption methods were not particularly advanced, the virus employed some cunning strategies to intimidate its victims. These included delayed onset and scare tactics.

It was a short-lived threat because solutions to decrypt damaged data and uninstall the virus were distributed within the following year. However, the AIDS Trojan’s strategies did serve as a template for modern-day ransomware attacks.

Currently, ransomware has advanced to a point where it is very sophisticated and profitable, with attacks bringing in more than $1 billion annually. Ransomware attacks may cost a company more than $130,000 on average, making them one of the costliest types of online crime.

PC Cyborg Ransomware: How was it used?

Once the corrupted floppy disk was inserted into the victim’s computer systems, it revealed two QuickBASIC 3.0 files. The first one contained the file “survey,” while the other had the installer for the malware. Once installed, the malware didn’t encrypt the files immediately. Instead, it compromised the AUTOEXEC.BAT in the root directory.

The system used the BAT file on the start-up and executed it with each boot. Cyborg Ransomware stayed hidden until the system completed a 90-boot cycle, triggering the program to use symmetrical encryption to encrypt the names of all the files on the C.

The encryption method would change the files’ extension names, thus preventing them from being executed by the user. However, the actual files were not affected as a standard encryption method that didn’t harm the files but instead put them in an encryption mode.

Once the files were encrypted, the software would start shooting ransom messages on the screen, notifying the users that they must pay a certain amount to renew their software lease from PC Cyborg Corporation.

The leases were $189 for a year and $378 for a lifetime and were changed to nearly $400 and $800, respectively, during the inflation periods. Unlike modern payment methods, the 80s was not a technical decade, so the alleged hacker told its victims they needed to send the money to a Panama PO Box.

The impact and aftermath of Cyborg Ransomware

Popp did not get many Ransome rewards, partly because of his peculiar ransom payment technique. His Trojan wasn’t very pervasive and lucrative ransomware.

However, it pioneered the path for modern-day ransomware, which are ten times more powerful and detrimental than Cyborg Ransomware. Though there have been more viruses in the past, like the infamous Creeper, known for clogging users’ hard drives and stealing their contents, AIDS Trojan was one step ahead in its philosophy and intent.

Instead of just playing a prank, Popp’s ransomware pressured its victims into paying money, which paved the way for modern-day hacking methods and collectives still using the ransom model to extort money from its victims.

According to statistics, ransomware has multiplied since then, bringing in billions of dollars as attack revenues. A modern-day ransomware attack can cost as much as $133,000, depending on the target’s position and hacking method.

Regarding the attacker, Popp had a nervous breakdown at an airport in Amsterdam and was later detained in the Netherlands in January 1990. In his luggage, police discovered equipment with the “PC Cyborg Corp.” label.

He was returned to the US by the authorities, where the FBI picked him up. He was then deported to Britain by New Scotland Yard because of blackmail.

In 1992, however, the court ruled that Popp was not competent to stand trial. To defend himself against the court, he supposedly started wearing curlers in his beard and placing a cardboard box on his head. In 2007, he died of old age, leaving a trail of intent-based hacking philosophy behind.

Share this:

  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • More
  • Click to email a link to a friend (Opens in new window)
  • Click to share on WhatsApp (Opens in new window)

Related

Tags: aids trojan ransomwarecyber express newscyborg corporationcyborg virusdr joseph poppfirst ransomware attacThe Cyber Express
Previous Post

Researchers Find New Variant of BianLian Ransomware

Next Post

Medical Records of Over 1 Million CNY Patients at Risk

Avantika Chopra

Avantika Chopra

Related Posts

Voice Networks
Features

Voice Networks are Under Attack – is Anybody Listening?

by Editorial
February 4, 2023
Artificial Intelligence
Firewall Daily

Artificial Intelligence: The Bridge Between Utopia and Dystopia

by Editorial
February 2, 2023 - Updated on February 3, 2023
InTheBox
Features

Global Banking Apps Under Attack: Researchers Find ‘InTheBox’ Web Injects

by Ashish Khaitan
February 1, 2023
SOCs
Features

SOCs to Face Greater Challenges from Cybercriminals Targeting Govt. and Media in 2023

by Editorial
January 28, 2023
Apple Unleashes New Updates
Features

Revitalize Your iPhone 5s and Beyond: Apple Unleashes New Updates

by Ashish Khaitan
January 24, 2023
Next Post
FTC

Medical Records of Over 1 Million CNY Patients at Risk

Latest Issue is Out. Subscribe Now

Ai in Cybersecurity - Cybersecurity Magazine by The Cyber Express

Download Now



Follow Us On Google News

Never miss an update. Subscribe!

* indicates required

Recommended

Qakbot Malware

Spammers Deploy Information Stealing Qakbot Malware in OneNote Attachment

February 2, 2023
Django Vulnerability

Django Reports DoS Vulnerability, Releases Security Updates

October 21, 2022

Categories

Don't miss it

Voice Networks
Features

Voice Networks are Under Attack – is Anybody Listening?

February 4, 2023
Firewall Daily

Anonymous Sudan Declares War on American Corporate Giants with Devastating DDoS Onslaughts

February 4, 2023
LockBit. Ion Group
Cybersecurity News

LockBit Claims Ransom From ION Group, Firm Declines To Comment

February 4, 2023
Dominic Alvieri
Firewall Daily

After Hive, Will More Ransomware Groups be Taken Down in 2023?

February 4, 2023
McEwan Fraser Legal
Data Breach News

ALPHV Ransomware Hits UK Realty Firm McEwan Fraser Legal, 300GB Data On The Line

February 3, 2023
Kewal Kiran
Firewall Daily

Indian Apparel Manufacturer Kewal Kiran Clothing’s Data Out For Sale

February 3, 2023

About

The Cyber Express

Cybersecurity News and Magazine

The Cyber Express is a handbook for all stakeholders of the internet that provides information security professionals with the latest news, updates and knowledge they need to combat cyber threats.

Follow The Cyber Express

Contact

For editorial queries: [email protected]

For marketing, PR & media partnerships: [email protected]

For media kit and digitals sales: [email protected]

For Sponsorship/Event Partnership: [email protected]

For Conferences related information: [email protected]

Our Address

We’re remote friendly, with office locations around the world:

San Francisco, Atlanta, Rome,
Dubai, Mumbai, Bangalore, Hyderabad,  Singapore, Jakarta, Sydney, and Melbourne

 

Headquarters:

The Cyber Express LLC
555 North Point Center E
Alpharetta, GA 30022, USA.

Tel: (678) 578-8838

Subscribe to Our Feed

RSS Feeds

Follow Us On Google News

© 2022 The Cyber Express (Cybersecurity News and Magazine) | By Cyble Inc.

No Result
View All Result
  • Firewall Daily
  • Business News
  • Cyber Essentials
  • Features
  • Cybersecurity Magazine
  • Events
    • World CyberCon Middle East 2023
    • Webinars

© 2022 The Cyber Express (Cybersecurity News and Magazine) | By Cyble Inc.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.