Data Theft & Online Scam
The art of online seduction and data theft
This case story is about an incident of data theft. Our victim here is Mr. M. He had checked his emails one night before going to bed, as he had always done. He downloaded an important-looking PDF file to prioritize for the next morning’s schedule. He lived his life organized and thorough. It was busy. Busy enough that he didn’t notice anything wrong with that PDF: a normal 3-page PDF file should never grow beyond the kilobyte range, but that particular document was about 5 megabytes.
After waking up, he found, to his utter disbelief, that all of his documents, including that particular PDF, were gone. His computer worked fine; there was a slight lag that regular users wouldn’t notice. He had more pressing concerns. Still, he didn’t realize that he was a victim of data theft.
The hard drive was completely empty except for the installed software. He kept his passwords, bank accounts and financial details in a password-protected tool. That was gone too. His misfortune compounded when he saw that the personal family photos that filled his Google Drive had been taken as well. The Dropbox where he kept his official documents had nothing in it. But, after opening his email again, he saw that there was an email saying what had happened to all his data. Before that day, he had only read about these kinds of events in the newspapers and seen them on television. It seemed unreal to him. But it happened.
Of course, the email came with a threat of leaking the information, a warning not to go to the police and a demand for money.
Mr. M gave in. His whole career was riding on that data, not to mention that his and his family’s privacy was on the line too. He sent the demanded money, but did not get all the stolen data back. The perpetrator kept the string tightened around his neck for further extortion. At that point, Mr. M decided to hire us.
Upon auditing his devices and traffic, we found that the hacker had got in through a Trojan horse embedded in that PDF file. We removed the dormant virus from the client’s device and then investigated the file, the email it came attached to and the place where it originated. After a successful back-trace we got into the hacker’s system and identified the server where he was keeping the stolen data. We wiped the client’s data off that server and recovered it all.
Finally, we scanned every device the client was using for viruses and disinfected them accordingly. Then we secured the devices and network with our proprietary tools and techniques.