An Indian hacker group is reportedly using ransomware to force its victims to do good deeds. Threat analysis firm CloudSEK has flagged the malware and identified it as GoodWill ransomware. CloudSeK has also traced the GoodWill hacker group’s IP address to Mumbai, India.
If the victims want their data back, they must donate to the poor and provide financial assistance to patients. Victims must capture these acts using a photo frame provided by the hackers and post them on social media.
GoodWill Hacker Group
This Robin Hood-like hacker group uses ransomware to encrypt a user’s photos, documents, and other files. This ransomware prevents users from accessing these files and can only be unlocked through a decryption key. The victims must pay a ransom or, in this case, do good deeds.
The victims’ first task is to donate new clothes/blankets to the needy people on the roadside and make a video of the event. Their second task is to feed five kids under 13 at a Domino’s, KFC, or Pizza Hut. They must also take a selfie with the kids after their meal.
Their final task is to pay for someone’s hospital bill. The victims must also contribute the maximum amount of their total bill.
The GoodWill hacker group also asks the victims to post photos of these acts on Instagram, Facebook, or WhatsApp stories. Although the hacker group means good through these acts, it doesn’t fall under the umbrella of ethical hacking.
The legality of the methods used by the group is questionable. However, this does send a message to the victims. The hacker group has also posted on its security bulletin, “It doesn’t cost you high, but matters for humanity.”