Bank of Zambia Trolls Hive Malware Operators and Sends Them DickPics

Last week, the Bank of Zambia, the country’s central bank, was hacked, but it began to troll the hackers.

Let me remind you that we also reported that Hackers stayed in the network of the Central Bank of Denmark for several months.

According to an official press release from the Zambian central bank, the attack took place as early as May 9, 2022, and after it, “partial failures in some IT applications” were observed. It was also reported that the incident affected some of the bank’s systems, including the currency exchange monitoring system and the official website.

The publication Bleeping Computer writes that although the details of this attack were not disclosed, the Hive extortion group claimed responsibility for what happened. The hackers claimed to have encrypted the NAS on the bank’s network and demanded a ransom for data recovery.

However, instead of paying a ransom, during negotiations with the hackers, representatives of the Bank of Zambia ridiculed the nickname of the representatives of the group (14m3-sk1llz), and then sent the attackers a photo of male genitalia with the comment:

“Suck off and stop blocking banking networks, believing that you can monetize something [first] learn how to monetize.”

When Bleeping Computer journalists first saw this correspondence, there was speculation that outsiders had infiltrated the chat for negotiations, because this had happened more than once in the past.

As a result, the well-known information security specialist MalwareHunterTeam even conducted a poll on his Twitter, asking subscribers whether they think that a dikpick in the negotiation chat is a sure sign that outside “jokers” have penetrated the chat, or does it mean that the victim is not going to pay and sends a clear message to the attackers. Oddly enough, most subscribers felt that the victim herself could have sent such a photo.