New research by ProPublica indicates that Scottish IT services provider Red Mosquito is making money by taking advantage of companies targeted in ransomware attacks.
By posing as both a ransomware victim and the attacker in communications with the firm, a researcher discovered that Red Mosquito claimed it would investigate the ransomware infection, but in reality the company immediately contacted the alleged attacker in order to negotiate a ransom fee. After agreeing on a $900 fee, the company paid the attacker and then charged the victim $3,950 for retrieving their files. So instead of providing an actual service, Red Mosquito merely seems to profit from ransomware victims by secretly paying off threat actors and then charging massive sums.
Red Mosquito is not the only IT firm that has been caught benefiting from the ransomware boom. Similar cases have been reported in recent years.
Read more: UK ransomware firm ‘helps’ victims by paying off hackers, tacking on massive fee