When they submitted the altered transaction ID into the Qlocker Tor site, it accepted it as payment and displayed the victim's 7zip password. Using this bug, victims could take a Bitcoin transaction ID from a person who had already paid and slightly alter it. Update 4/22/21 09:15 AM EST: Early this morning, BleepingComputer was contacted by security researcher Jack Cable about a bug he discovered in the Qlocker Tor site that allowed users to recover their 7zip passwords for free. This password is unique to the victim and cannot be used on other victims' devices.
The password displayed after a ransom is paid
0 kommentar(er)
