Skip to content
LPBN-Icon-v1
Nonprofit Law Prof Blog

Charitable “Hacktivists” and Their Ransomware Fundraising

By nonprofitlawprof

This odd ransomware will target your business servers, but then ask for a donation to charity | TechRadarThis odd ransomware will target your business servers, but then ask for a donation to charity.

My golfer daughter landed a nice job out of college with an oil and gas company.  She’s not a geologist or engineer or anything like that.  She majored in computer information something or other and she is now in Information Systems Security.  “Ooooh!” I yawned when she first told me about it.  She monitors and manages the company’s email and internet server for “threats.”  Its in Houston, but the company’s headquarters is in Hawaii and they get together once a year.  I might need to see if my helicopter parent flight suit still fits, ya know.  

Talk about a sweet do-nothing job though! She hates it when I say that, by the way, and responds by laughing that “all you do is teach a few classes two times a week and write on your boring blog! Who even reads that?”  She is a little peeved right now because the new hotshot manager — a vegan bodybuilder, she said — insists that IT folks come to the office on Tuesdays and Thursdays, at least, after never having to come in at all.   “Its IT security, I can do it from anywhere!” she complained to me about it.  I started lecturing her about how indignation at minimal requirements was a common trait amongst her spoiled generation.  But then I remembered I needed to write an email to the Associate Dean protesting that I have to teach at 3:30 next fall — like all faculty, I like my classes between 11:00 am and 3:00 pm.  I quietly let the teachable moment fade.  I still thinks hers is sweeter gig, at least until something bad happens.  

That’s my segue for today.  Because an interesting story in the Nonprofit Times describes how a group of Robin Hood style do-gooders are fundraising for various charities:

Extortionists have embraced a new type of high-tech “fundraising” that involves hacking into companies’ servers and holding their data hostage for money. But in a new twist, the bandits are demanding the money for charity, not themselves.

Nearly 200 companies are estimated to have been targeted since March by the anonymous rogues, who fancy themselves not as criminals but as anti-capitalist reformers out to level the playing field for the poor and disenfranchised. To get their data back, victims are given the option of providing proof they donated to an approved charity or sending money directly to the group, which claims it will donate the money for them. 

But nonprofits that receive tainted money risk having their reputations sullied in a public relations nightmare and would likely be forced to surrender the booty if caught, which arguably should serve as a fresh reminder about the perils of accepting something that seems too good to be true.

The Robin Hood cyberattacks thus far appear largely aimed at users of Zimbra, an online workplace messaging and collaboration tool whose users began complaining in online forums two months ago about system compromises and ransomware issues. The ransomware gang’s activities finally came to light when a WikiLeaks-style website for corporate secrets revealed the group’s recent hack of an Indonesian-Swiss mining conglomerate. The attackers have since pledged to steer away from targeting companies in Africa, Latin America “and other colonized countries” and to instead target those in the United States, Russia and Europe “excluding Ukraine as they’re dealing with enough shit at the moment.”

“Unlike traditional ransomware groups, we’re not asking you to send us money,” the hackers wrote in a recently republished ransom message. “We just dislike corporations and economic inequality. We simply ask that you make a donation to a non-profit that we approve of. It’s a win-win, you can probably get a tax deduction and good PR from your donation if you want.”

In case you are interested, the ransomware software has been dubbed MalasLocker and apparently works best through a business platform called Zimbra.  See? You can learn something new everyday.

darryll k. jones