Ransomware Gang Wants To Short the Stock Price of Their Victims (therecord.media) 84
The operators of the Darkside ransomware are expanding their extortion tactics with a new technique aimed at companies that are listed on NASDAQ or other stock exchanges. From a report: In a message posted on their dark web portal, the Darkside crew said it is willing to notify crooked market traders in advance so they can short a company's stock price before they list its name on their website as a victim. The Darkside crew believes that the negative impact of having a traded company's name listed on its website would be enough to cause its stock price to fall and for a crooked trader to make a profit.
"While other ransomware families previously discussed how to leverage the effect of a publicly disclosed cyber attack on the stock market, they have never made it their official attack vector," Dmitry Smilyanets, threat intel analyst at Recorded Future, told The Record today. "DarkSide becomes the first ransomware variant to make it formal." However, the announcement also serves as an indirect method to threaten hacked companies that not paying the ransom demand could result in negative press large enough to impact their market listings and enough to push some victims into paying the asked ransom.
"While other ransomware families previously discussed how to leverage the effect of a publicly disclosed cyber attack on the stock market, they have never made it their official attack vector," Dmitry Smilyanets, threat intel analyst at Recorded Future, told The Record today. "DarkSide becomes the first ransomware variant to make it formal." However, the announcement also serves as an indirect method to threaten hacked companies that not paying the ransom demand could result in negative press large enough to impact their market listings and enough to push some victims into paying the asked ransom.
Re: (Score:2)
Wouldn't that provide a list of perpetrators? Ask the stock market themselves.
Re: (Score:2)
How? There's plausible deniability unless you can prove they paid for it - at least if it's done infrequently, and with a modest part of the portfolio.
Now... if the only gains these people make are outsized and consistently only the affected firms and timeframes - sure, you could go after them. But I highly doubt that anyone trying to do this wouldn't take the necessary precautions to mask it.
Re:Who cares? (Score:4, Insightful)
Re: (Score:2)
But what if they are posting it on their site, open to the public? or via a news letter? that would be considered public information and not insider trading.
Now profiting from a criminal act, that's a different story, but would likely be outside the SEC's area of enforcement.
Re: (Score:3)
Now profiting from a criminal act, that's a different story, but would likely be outside the SEC's area of enforcement.
The SEC doesn't have an ability to act on "profiting from
Re: (Score:2)
i understand - the difference there is a reason why i phrased it the way i did with say "a mailing list" plenty of things in the past have been considered pubic, just because you don't know where to look doesn't mean you couldn't have.
just saying - any bad trader with the capitol to significantly short the stock (hedge funds) aren't going to be the ones who get in trouble here, they always have an out.
Scammers gotta scam (Score:2)
Null thread considered harmful? Actually I blame the first reply for propagating the sock puppet's worthless abuse of FP. Only shred of interest in the sock puppet's negative contribution is whether it is evidence that Slashdot has imposed an actual cost on spawning sock puppets. Or was the troll simply too lazy to switch to the "proper" sock puppet for the editor of the story? Or just too stupid to notice who the editor was?
However, the abuse of anonymity is actually tightly linked to the story. It actuall
Re: (Score:2)
The "powers that be in charge of the stock markets" [Really? The ASCII art filter hates long hyphenated adjectives?] changed the rules of the game so that pump-and-dump stock scams couldn't work, and now they need to adjust the rules to block short trading on insider knowledge of ransomware attacks
They are very different things. Pump and dump scams are easier to spot than short selling on insider knowledge. This is mostly because one can't tell if the short sale is because of insider knowledge or personal research or just a guess. They have to wait for the publication of the ransomware attack and then look at who shorted the stock and their previous trading history. Insider trading is illegal and this is how many who trade on insider information are caught.
There were more random speculators to hide among with the pump-and-dump scams, but short traders are relatively scarce
Short traders aren't that scarce and if the
Re: (Score:1)
Really hard for me to figure out what you're trying to say there. I think it's a critical response, but too much effort already spent trying to figure out what you're focusing on. In some places you seem to be agreeing, but out of phase with my comment, and in other places you seem to be disagreeing, but again out of phase, since your disagreements are in agreement with other parts of my comment.
The slice-and-dice approach of inline response tends to do that. I'd much prefer your coherent explanation of wha
Re: (Score:2)
There are already substantial penalties and the profits are forfeit so there is no reason to unwind the de
Re: (Score:2)
Okay, it sounds like you basically agree with me, but I think you are not relating your position (or mine) to the original story. There is a new technical wrinkle in this scam. Actually, there are two aspects that I am still unclear on.
One is whether they are using the ransomware to secure "proof of breach" as part of their scam. The rumor a company has been attacked by ransomware might be effective, but I'm not a player so I can't say whether it would persuade me to bet against the company.
However the seco
Re: (Score:2)
...I guarantee you the SEC will come down hard on anyone who trades on this information.
Please. Enlighten us on just how many obscenely wealthy lawmakers the SEC has "come down hard" on.
That should give us an idea of what enforcement looks like, right?
Re: (Score:1)
And, I guarantee you the SEC will come down hard on anyone who trades on this information.
The same way DEA comes down hard on the 0.01% of drug traffickers they catch?
Re: (Score:2)
The SEC looks at past trading patterns and can issue subpoenas for all electronic communication devices including personal devices as well as email logs, chat logs, etc. to get evidence of the insider trading described. And, I guarantee you the SEC will come down hard on anyone who trades on this information.
Indeed. And there is no way for the ransomware gangs to use communication means that the SEC can not mandate to be fully archived, because that would allow tracing the communication back to them.
Re: (Score:2)
How? There's plausible deniability unless you can prove they paid for it
Nope... Don't mess with the SEC. It's almost as bad as messing with the IRS. They have the choice of criminal and civil actions. The suspected have to prove their innocence, while the burden of proof for SEC assigning fines and winning on Civil actions is very low - circumstantial evidence suggesting a trader may have benefitted from an unlawful activity occurring or from non-public info is enough to hit that 51% likelihood thres
Re: (Score:2)
Plausible deniability will not cut it against the SEC. Or any type of determined and competent law enforcement, really. There is always some way to turn the burden of proof around if things look suspicious enough.
Re: (Score:3)
If we are only talking about USA traded security on public exchanges, the a very very hard YES, a large percentage of them will be caught. Greed is one thing, it's expected from hedge funds and that's why a lot of them over time get fines and people are prevented from trading.
Front running on insider info for shorting, the SEC has made a living off of these type, And it is a Darwinism effect at it's best, because the horrible traders and hackers will be caught, the good one's will make it, and over time the
Re: (Score:2)
It will. For this to work, some traders have to know in advance. This will simply be classified as insider trading and get the ones using that info significant prison time and huge fines. Hence after a short while any trader contacted with such information will simply forward it immediately to law enforcement to protect themselves.
Also, while well-maintained darknet website (which I guess is what we are talking about here) is hard to hack, it likely is not impossible, especially when there is real money to
interesting (Score:5, Interesting)
If they've been successful for N times in a row, I wonder how often they'll include a big name just to jigger the stock price.
Re: (Score:2)
The people who typically get caught in these schemes are the ones that don't practice self control. They too far too quick and draw entirely too much attention to themselves.
On the other hand, these people could end up with a misinformation gambit going on that could create complete and utter chaos.
Re: (Score:2)
Indeed. It is good criminal practice to never, ever escalate the size and damage of the operation to anything higher than "nuisance". Anything else will make scary people come after them reliably.
Re: (Score:1)
More likely they will be paid by vulture capitalists to do it on purpose, more than likely some have already been paid by vulture capitalists to do it on purpose. Insider trading based upon hacked data or extortion schemes like Epstein the kiddy fiddler, are bound to happen and already have happened. Holding crypto puts a target on your back, they want that password from you, they will get it. Growing corruption is crippling the US economy.
A bad end (Score:5, Interesting)
I have to wonder just how long it will be before one of these ransomware gangs piss off the wrong people. I can well imagine a rich victim of their arrogant schemes wanting revenge and then putting up the money needed to a) find them, and b) raid them. With rules of engagement not concerned with petty things like legal rights (whatever those might be).
I remember when Ross Perot hired mercenaries to rescue his people in Iran. If that could happen then I think what I am describing could.
Re:A bad end (Score:4, Interesting)
With this new threat, if victim companies don't attempt aggressive counter-measures, they might be negligent.
Re:A bad end (Score:4, Interesting)
Well, this could be it. Ransomware gang feeds the name of a recalcitrant victim to some 'crooked market traders'. Then the latter get caught in a short squeeze and lose money.
If some third party can spoof communications from the ransomware gang to the traders they can sucker them into such a position. Losses mount and the traders go looking for someone's head. We just pull up an easy chair with a bowl of popcorn.
Re: (Score:3)
Well, this could be it. Ransomware gang feeds the name of a recalcitrant victim to some 'crooked market traders'. Then the latter get caught in a short squeeze and lose money.
Or, more likely, the SEC looks into who profited from the shorting the stock of a company named as a ransomware gang, sees the "crooked market trader" has made a lot of money on it and pursues the trader for insider trading.
Re: (Score:3)
Well, this could be it. Ransomware gang feeds the name of a recalcitrant victim to some 'crooked market traders'. Then the latter get caught in a short squeeze and lose money.
Or, more likely, the SEC looks into who profited from the shorting the stock of a company named as a ransomware gang, sees the "crooked market trader" has made a lot of money on it and pursues the trader for insider trading.
Where does the ransomware gang find their crooked trader to go in with on the extortion attempt? It's not like you can google "crooked traders who want insider tips" so more likely it will be someone they know and where both sides trust the other. Then the gang tells the target "pay up or else" and of course the target goes to the law, the gang does its thing and the trader makes a bunch of money not knowing the SEC is looking closely at trades in stock X and its options (casue options are where the real
Re: (Score:2)
Re: (Score:2)
Basically, the gang just has to contact a few questionable traders and give them the information. If those traders act on the insider information, they are crooked traders by definition. They may offer the information to a few people in /r/WallStreetBets who say things like "Short selling is how the rich game the system". Someone with that opinion, provided with information that would allow them to "game the system" like the rich, may very well act on it. They may not realize or care that they are engaging in insider trading and use the information to sell the stock short before the public release of the information.
The problem is a few shorts aren't going to do much unless they can take a significant position; and if they start making comments in an attempt to drive down the price, before the hack is revealed, the traders risk exposure. I just don't see it as that credible a threat.
Re: (Score:2)
It's not like you can google "crooked traders who want insider tips"
Well, no, that search won't work.
You misspelled "lawmaker".
Re: (Score:3)
Well, this could be it. Ransomware gang feeds the name of a recalcitrant victim to some 'crooked market traders'. Then the latter get caught in a short squeeze and lose money.
There would be no squeeze. Shorting is just “borrowing” a stock and selling it with the agreement to purchase it later. Then if it drops they can pocket the difference but the gain is capped as stocks don’t generally go negative and losses could be infinite since there is no price limit on stocks. The squeeze happens if there are liquidity issues such as buying enough stock to cover their losses is enough to significantly drive up the price. So they would need billions of dollars or mo
Re: (Score:2)
>I have to wonder just how long it will be before one of these
>ransomware gangs piss off the wrong people.
"You utter *moron* !!! How could it *possibly* not cross your mind that 'columcart.com' could mean 'Columbian Cartel' ???"
A bad shot. (Score:2)
Well you'll note that none of the victims belong to the illegal drug industry, or the mob. Two groups that have money and no scruples. You'll also note none of the victims are the military.
Re: (Score:2)
Well you'll note that none of the victims belong to the illegal drug industry, or the mob. Two groups that have money and no scruples. You'll also note none of the victims are the military.
The militaries of most countries with civilian control of the armed forces would be a safe target. While they clearly have great ability to kill people around the world, they need permission to use it. The US military, in particular, would be completely unable to respond with force. They might sic their intelligence people on the problem and then feed information to law enforcement, but that's about all they could do.
I suppose if you directly attacked a covert action unit, there's a slim chance they might
Re: (Score:1)
I have to wonder just how long it will be before one of these ransomware gangs piss off the wrong people. I can well imagine a...
I think you've been watching too many movies.
Organised crime gangs are a lot more familiar with illegal 'rules of engagement' than most 'rich victims'. This is why the whole scam works.
I remember when Ross Perot...
The difference here is that lives were at risk. Ransomware is specifically targeted to be just valuable enough to worth doing, but not valuable enough that anyone would waste time pursuing. If you run a $100M operation and that is put at risk for a $20k ransom, you pay the $20k. The ransom is deliberately set low enough tha
Re: (Score:2)
The difference here is that lives were at risk. Ransomware is specifically targeted to be just valuable enough to worth doing, but not valuable enough that anyone would waste time pursuing.
The known, documented attacks against hospitals I think can be described as high value where lives are at risk. And it is an increasing trend.
The example of Ross Perot was just simply that money is power, and there will be people with power who are fed up with waiting for the government to solve it for them.
Re: (Score:1)
The example of Ross Perot was just simply that money is power, and there will be people with power who are fed up with waiting for the government to solve it for them.
I'm down with that. The welfare state, while noble in its intention, has created a generation of people dependent on the government to do everything for them.
Re: (Score:2)
They may have done that recently with Apple. I would be very surprised if Apple does not have a few no-ethics mercenaries they can contact. And Apple sure has the resources to identify the attackers. If nothing else helps, offer $10M and protection to anybody that rats the others out. Compared to the damage done, that is peanuts. In the end, the ransomware business model has one fatal flaw: It causes massively more damage than the criminals earn with it. Criminal "business models" of that type have a tenden
We tolerate ransomware and hackers (Score:1)
But the wealthy people who pull the strings of the SEC and Wallstreet are going to be far less forgiving. I can imagine the SEC seeing a red flag on a bunch of shorts before an major announcement. Insider trading is no joke, unless you're wealthy and well connected, then it's business as usual.
Stick to ripping off credit card companies and small businesses and other groups that either don't care or don't have the power to squash you.
Re: (Score:2)
Insider trading is no joke, unless you're wealthy and well connected, then it's business as usual.
Funny. The clarity you've provided here, actually proves just how much of a joke insider trading, actually is.
The solution is simple... (Score:5, Insightful)
Just get rid of shorting... it shouldn't exist in the first place as it's mainly use by the wealthy to game the system.
Re: (Score:3, Informative)
Approximately half of all volume on stock exchanges is short activity and without it the markets would not be able to function. Since market makers do not generally keep inventory, to provide liquidity to buyers they need to be able to short the issue. Options market makers require shorting so they can delta hedge their positions, the risk would be too high to sell naked and spreads would vanish.
There are strict rules regarding shorting in general and Finra requires periodic reporting. You can find an ex
Re: (Score:2)
So much jargon. It makes the whole thing sound reasonable.
Translation: shorts are necessary so rich dudes can sell stock without actually owning any. It's basically why bookies are necessary.
Of course the stock market would function without shorts. Most markets do. There's a valid argument that it wouldn't be able to respond to events as quickly, and thus would be less efficient.
Re: (Score:2)
So much jargon. It makes the whole thing sound reasonable.
It is reasonable. You should bother to understand the jargon. In particular, you should learn about liquidity, why it matters, and what kinds of bad things happen in markets that don't have enough of it. You should also learn what market makers are and why they're essential to a healthy and effective market.
Re: (Score:2)
Ah, the finance nerds. You can't post anything about the stock market without getting a bunch of these content free "you should learn about" posts.
Re: (Score:2)
Ah, the finance nerds. You can't post anything about the stock market without getting a bunch of these content free "you should learn about" posts.
Imagine posting about parsers and having people tell you that to comment sensibly you really need to understand top down vs recursive descent vs LL, etc.
When you're commenting on a complex topic without understanding what you're talking about, people who do know what they're talking about have only three choices (a) ignore you and let your (incorrect) points stand, (b) educate you or (c) tell you that you need to educate yourself. (b) is the best option, of course, but only if the topic is simple enough
Re: (Score:2)
So much jargon. It makes the whole thing sound reasonable.
It's very reasonable when you understand how markets work.
Translation: shorts are necessary so rich dudes can sell stock without actually owning any. It's basically why bookies are necessary.
And you seemingly don't if that's the translation you came up with.
Re: (Score:2)
Lol. You might want to look up what markets actually are. Not stock markets, markets in general. And don't forget to read about betting markets specifically.
Re: (Score:2)
"The male inserts his penis into the female's vagina. Upon ejaculation and successful insemination, a gestation period of..."
"Omg all that jargon it's the stork that bring baybee!!!'
Best of luck.
Re: (Score:2)
Just get rid of shorting... it shouldn't exist in the first place as it's mainly use by the wealthy to game the system.
Ah, so it only affects the wealthy? This should be easy to shut off then.
We'll get that done right after we pass term limits for lawmakers.
Oh, and Satan just called. He's looking forward to ice cream after the snowball fight.
Re: (Score:2)
Shorting is a perfect tool for slowing or stopping a stock from getting to out of hand. also it is a perfect way of making money when a stock that is in an industry that has past it's prime and no longer needed. For example the saddle maker, when cars took over, pouff no longer needed. another one which took me by surprise, the alarm clock maker, once critical mass of cell phones caught on, 1998-2001, the sales of alarm clocks dried up, that was a perfect short.
Re: (Score:2)
Shorts have a strong incentive to ferret out weak and fraudulent companies. It's not a perfect system, but I think the market would be worse off without it.
Someone's going to jail? (Score:2)
That kind of pattern of trading is one of the most obvious things market watchdogs look for, and since traders are clearly identified, would be grounds for an easy lawsuit and someone going to jail pronto. I don't know that many traders would be willing to risk that - they aren't protected by "7 proxies" unlike the would-be-hax0rz.
Re: (Score:1)
Last time that happened, it was called "Enron". That was a long time ago. The SEC is about as effective as a wet noodle, much like the FTC because they are ultimately subject to regulatory capture.
Ransomware provider - their own security (Score:2)
Crooked market traders? (Score:2)
If these folks notify short sellers in advance and those people take advantage of it, the SEC will be sure to investigate. In fact, since these folks announced their intentions, you can be sure the SEC will be taking a close look at trades in companies which are subsequently hit up for a ransom payment.
If these folks were smart (criminals rarely are), they wouldn't have posted this information but would have simply done what they said they will do. Thus letting the short sellers profit without undue worry
Only a fool would act on the insider info. (Score:2)
Trader shorts the stock.
Trader makes money
SEC looks into who shorted the stock beforehand Trader is charged with insider trading, found guilty, is sentenced to prison and a massive fine.
The SEC doesn't like insider trading, especially this kind where it is based on knowledge of an illegal act before said act is made public.
Re: (Score:2)
The SEC doesn't like insider trading, especially this kind where it is based on knowledge of an illegal act before said act is made public.
Indeed. After the first few traders are in prison, nobody will touch this with a 10 foot pole. Also, unless the trader is really sure this is the ransomware gang contacting them, there is a huge risk it is not.
Off Topic: Related Links (Score:4)
Trump Tests Positive For COVID-19
Trump Fires Election Security Director Who Corrected Voter Fraud Disinformation
House Votes To Impeach President Trump a Historic Second Time
Trump To Congress: Repeal Section 230 Or I'll Veto Military Funding
Researchers Launch Open-Source Website To Hunt Down Capitol Insurrectionists
What do any of these have to do with the story at hand? I swear Slashdot suggests the same Trump stories for every article. Either that or it suggests stories about Biden winning the election and being sworn in as president. I just don't get it. None of these stories has anything to do with the article. It could be a story about a new version of Firefox and Slashdot will suggest these stories. It's weird and creepy.
Re: (Score:2)
You must be new here. You seem to be under the impression that the "management" and "editors" of /. actually care about anything to do with the site.
Re: (Score:1)
Re: (Score:3)
They are all about a douche bag criminal, that's how they are related.
Re: (Score:1)
They are all about a douche bag criminal, that's how they are related.
Yeah, you're right. I have seen a lot of 'related' stories about Biden winning.
(Go ahead, mods. Downvote this factual comment and confirm what everyone already knows about your bias.)
So how does a share price going down make money? (Score:2)
Re: (Score:2)
You borrow 10 shares worth $100 each. You then sell them immediately and now have $1000.
Tomorrow, the share prices drops to $50 each. You buy 10 shares for $500, and give them back to whomever you borrowed them from.
You now have $500
Re: (Score:2)
Why would someone just let you "borrow" stocks without charging you the value of those shares?
The only way I can see you getting richer by borrowing high value stocks from someone is if they become worth even more while you are borrowing them and the person you borrowed them from pays you a commission on that increase when you return them.
Alternatively, if you already had stock in the company,. I suppose you could sell your stock before it goes down and clear some profit that nobody else would be able
Re: (Score:1)
Why would someone just let you "borrow" stocks without charging you the value of those shares?
Like borrowing money, there is an interest fee. Why do people let you borrow money? Same reason.
The only way I can see you getting richer by borrowing high value stocks from someone is if...
Did you not read the example given? In that example you just made $500 by a stock falling 50% in price.
You don't borrow and hold, you borrow and sell immediately with the intention of buying back later at a lower price in order to give the borrowed amount of stock back. If it goes lower you profit, if it goes higher you lose.
Other people not making money does not translate to you making more money than you otherwise would.
The GP spelled it out quite clearly, and it's quite a common practice.
Re: (Score:2)
Yes, but you have to pay *BACK* what you borrowed.
So if you pay back with shares that are worth less than they were when you first borrowed them, why does it not fall upon you to pay back the difference?
Re: (Score:1)
Yes, but you have to pay *BACK* what you borrowed.
Correct. So if you borrowed $100k USD then sold it immediately for $150k Canadian Dollar, and then the value of the USD shrinks over the course of the loan, you then sell your $150k CAD back for $110k USD and pay back the initial loan of $100k and keep the extra $10k profit.
If the value of the USD goes up, you have to buy back at a worse price than you started with and you lose out.
So if you pay back with shares that are worth less than they were when you first borrowed them, why does it not fall upon you to pay back the difference?
You are paying back the number of shares, not the value of shares.
If you borrow a banana, then give a banana back at an agr
Re: (Score:2)
A person who would lend someone shares on such a basis is, IMO, an idiot. The logical extreme of this position suggests if you lend me 5 pieces of paper that are $20 notes, I should be able repay the debt by giving you 5 pieces of paper that are $1 notes. You lent me paper, and I gave you back the same amount of paper. What's the problem?
This is, of course, absurd.
Like those pieces of paper that are produced by the mint, the only reas
Re: (Score:1)
A person who would lend someone shares on such a basis is, IMO, an idiot.
Well you are entitled to your opinion, it doesn't change how the world works however.
The logical extreme of this position suggests if you lend me 5 pieces of paper that are $20 notes, I should be able repay the debt by giving you 5 pieces of paper that are $1 notes. You lent me paper, and I gave you back the same amount of paper. What's the problem?
You're failing to abstract the object from the value of the object. a $20 notes is always worth $20, but 1 share changes in value by the second. These variations offer an opportunity for profit or loss.
This is, of course, absurd.
Yes because your analogy fails to separate the object from its value.
Like those pieces of paper that are produced by the mint, the only reason that anyone trades shares in the first place is because they have monetary *VALUE*, and so it would seem that any lending of such shares must reflect that value, just as lending pieces of paper issued by the mint should be repaid by their value.
The part you are missing is that that value changes over time. And with all investing/gambling, some people think it will go up, and others think it will go
Re: (Score:3)
You borrow 100 shares of WIDGET stock for 30 days and sell it for $100 per share getting $10,000.
20 days later, WIDGET stock tanks and goes down to $10.00 per share. You buy the 100 shares you need to return spending $1,000
You pocket the $9,000 dollars you didn't use to return the shares.
Of course, this is dangerous because there is a limit to the amount one can make but there is no limit to the amount one can lose if the stock goes up. Imagine borrowing and selling 1,000 shares of a stock at $10.00 and it goes up to $10,000 a share when they announce they ha
Re: (Score:2)
Can someone who understands this explain in layman's terms how the heck it is supposed to work?
With market oversight that works, it will not.
Hit enough money.. (Score:2)
It is a simple equation really.
Hit enough value, and victims may rather invest in having DarkSide hacked back and shut down.
Won't work (Score:2)