French Police Suspect French Activists Involvement in WannaCry Ransomware

WannaCry ransomware is one of the largest distributed ransomware attacks that target systems running Microsoft Windows.

0
wannacry

Days after WannaCry ransomware broke in over a hundred countries, the French police discovered a server running TOR relays that belonged to an activist, Aeris. The police said these servers were seized due to a “connection” to the WannaCry ransomware.

The French activist highlighted the incident on the Tor Project’s mailing list. There, he stated that users shouldn’t trust the specific relays; that were also special servers credited by the TOR clients as a gateway when entering the TOR environment.

The statement also mentioned how his servers were seized after a major business was infected by WannaCry. The infected organisation logged all outbound traffic during the attack and provided the information to the police.

wannacry
The French Police march against digital rights management techniques and the DADVSI copyright law.

WannaCry ransomware operates via a command and control server that masks itself using the TOR system. Aeris believes that his servers were used as a door to use the TOR servers.

Many TOR servers are designed to only log minimal information such as status information and uptime. Unless Aeris altered the settings on his machines, the French police have nothing to extract from his servers.

The media was full of news related to the WannaCry ransomware, but this incident was only reported by the local media. The French rebel also tweeted about his property being seized by the local authorities.

wannacry
Screenshot of the ransom note left on an infected system.

The L’Office Central de Lutte Contre la Criminalité liée aux Technologies de l’Information et de la Communication (OCLCTIC) is the French cybercrime investigation unit working on this case.

Aeris believes there is more to the investigation, believing other TOR servers in France went offline before the incident. The activist also provided a list of servers that he is investigating.

Currently it isn’t confirmed as to how many servers were involved in the WannaCry ransomware. There is very little information about these events, and those in question are reluctant to share information related to the TOR servers.


Anonymous recommends: Click Here To Surf & Download Anonymously, Protect Yourself From Any Hackers Or Spy Agencies And Get Around Censorship Filters

Click here to follow us on steemit.com, the decentralized social media platform with no censorship and get paid for your posts, likes and comments!

Do you like our independent & investigative news? Then please check these two settings on Facebook to guarantee you don't miss our posts:

anonymous news feed and notifications

 
SHARE

LEAVE A REPLY

Please enter your comment!
Please enter your name here