Hackers fear attacking Russian-language computers, and this is what the site has revealed KerbyonSecurity Electronic security specialist.
And this discovery began with a conversation that took place on a platform Twitter The founder of the site noted that computers operating in Russian or its derivative languages are not exposed to ransomware attacks or any viruses.
The report indicated that the DarkSide group prevents its partners from attacking computers belonging to a country in the former Soviet Union.
It is reported that the DarkSide Group is responsible for the attack on Colonial Pipeline, which disrupted the company’s oil pipeline.
Also Read: Android App Puts Users Data at Risk
Colonial Pipeline supplies all of the southeastern United States with gas and oil, so this breakthrough has led to an increase in oil prices.
The company paid about 75 bitcoins to the Darkside group to decrypt its files and get back to work. But the group later apologized for the damage it had caused, and said its attack had no political goals.
The group aims to make profit from large and giant companies only without any political influence. Nor is it a politically active group. It did not want to disrupt or harm the lives of the population, and therefore prevented its partners from carrying out such attacks in the future.
But this group – like many cybercrime groups – follows the same rules Where it does not attack any computer located in the countries of the former Soviet Union, and this certainly has more reasons than just political ones.
Hackers refrain from attacking Russian computers:
We must agree at the outset that a large part of hackers and organized cybercrime teams are primarily Russian.
They are exploiting a loophole in Russian law, as the Russian security services will not pursue them as long as there is no official complaint against them from a Russian citizen.
Therefore, they avoid Russian devices in order to maintain their personal security and certainly protect their profits.
The group relies on conditional programming within its viruses, and this condition prevents the virus from running inside any device that uses the Russian language.
Read also: Biden cancels Trump’s orders banning Tik Tok
This is similar to what was happening with virtual systems, where viruses were avoiding installing themselves on virtual machines.
But is it possible to rely on changing the language of the computer to protect it from attacks?
Of course, this step protects the devices, as the virus gives the illusion that the computer belongs to a Russian user, but this is a temporary protection.
These groups may at any time decide to change their way of working if everyone uses a change of language, or they may find another way to learn about Russian devices.
Also, many “non-Russian” organized groups do not follow this rule They risk facing judicial authorities, so Russian groups may decide to take the same risk.
But for now, the profits that these groups of Russian computers might derive are not worth the risk.
Languages that ransom groups avoid:
The groups avoid attacking Russian hardware and hardware located in the countries of the former Soviet Union. Cybereason has published a list of languages that Russian groups avoid, which are listed in the table below: