After compromising the personal information of approximately 90,000 customers at two Canadian banks, hackers demanded $1 million of XRP for the supposedly safe return of the data. While we’ve grown more accustomed to bitcoin-based ransoms, criminals may be attracted to the liquidity in the altcoin market and the lax KYC protocols on some of the international cryptocurrency exchanges that support them.
Earlier today, the Canadian Broadcasting Corporation (CBC) reported that hackers stole information from account holders at two banking institutions: Bank of Montreal and CIBC’s Simplii Financial. The theft included names, account numbers, passwords, security questions and answers, Social Insurance Numbers (essentially, the Canadian equivalent of Social Security numbers), and account balances. For the victims, it’s devastating to say the least.
After the hack, in a message from a Russian email address, the ostensible thieves demanded $1 million worth of XRP, a digital asset on the Ripple Ledger, and threatened to leak the stolen information online if they were not paid. The attackers offered proof of their hack by sharing information about a customer from each bank.
“These … profile[s] will be leaked on fraud forum and fraud community as well as the 90,000 left if we don’t get the payment before May 28 2018 11:59PM.”
The ransom deadline has already passed, and it’s not apparent whether the hackers released the information, or whether the demand was for US or Canadian dollars. They may have offered the data to the highest bidder somewhere on the dark web.
Note: Even if the hackers were paid off (which it seems Bank of Montreal and Simplii decided against), who’s to say that the thieves would have deleted the stolen data? It’s a lose-lose situation.
What’s strange and interesting about this hack is that the thieves requested XRP. Why did they do that?
While law enforcement agencies have turned their attention to bitcoin, perhaps altcoins are slipping under the radar a little bit. Exchanges, especially internationally, have demonstrated a profound lack of concern about who their customers are and where their cryptocurrency holdings originate. This might have enticed the hackers to use an altcoin as a backdoor into one of the exchanges.
That said, services like Chainalysis are primed to expand their investigation software beyond bitcoin alone. For the time being, bitcoin remains the preferred ransom crypto, and this XRP demand is just a drop in the bucket.