0x3a - Security Specialist and programmer by trade - Playing games with an attacker: how I messed with someone trying to breach the CryptoWall tracker
The game I played with an attacker described in this blog was inspired by a TED talk where someone played games with a 419 scammer: James Veitch - This is what happens when you reply to spam email
On February 10th I released a wealth of information on the CryptoWall ransomware. I structured all the information about CryptoWall on a website and made it public in the form of a website known as the ‘CryptoWall Tracker’: https://www.cryptowalltracker.org/
When running a publicly accessible website you can expect to get 'free security advise’ from the internet in the form of web pentesting and whatnot. Most of the scans (pentests) are automated for all kinds of reasons; be it compromising websites to abuse it for CryptoWall proxies (as described [ here ]), or simply defacing it for Zone-H 'credits’.
Some weeks ago I noticed someone started to poke the CryptoWall tracker website, this article describes the fun I had messing with the attacker (I’m assuming it was one person, more on that later).
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/irishtimes/EYDVT2PR7BADZOMLJIDGXDXCPU.jpg)
/https%3A%2F%2Ftf-cmsv2-smithsonianmag-media.s3.amazonaws.com%2Ffiler_public%2F58%2F46%2F58467362-e456-4aac-949f-8aeef382e29d%2Fgettyimages-85783311.jpg)
