Optus Hacker Was Really Amateurish
UNSW Institute for Cyber Security Director Nigel Phair says the original Optus hacker was “really amateurish”.
“A million dollars is not … very much to ask for,” he told Sky News Australia.
The alleged Optus hacker has vanished from the anonymous online forum where they had been posting after being mocked by their peers for their sudden backflip.
On Tuesday, the alleged hacker, known only as Optusdata, claimed there were “too many eyes” on them and they had made the decision not to sell or leak any more data.
Since then, they have not returned to their account on the hacking forum, with their profile showing they last logged in that same day.
The website also allows other users to award or take away points to a user’s “reputation”.
Optusdata’s reputation is now at minus 41, with multiple users awarding them negative points because they “pulled out” and got “in too deep”.
In their final message to the forum, the alleged hacker apologised to the Australians impacted by the data leak and said they couldn’t release more data even if they wanted to because they had “personally deleted data from drive”, which they claimed was the only copy.
They also offered their “deepest apology” to Optus, saying they “hope all goes well from this”.
“Optus if you’re reading, we would have reported exploit if you had method to contact. No security mail, no bug bounty’s, no way too message,” the message read.
“Ransom not paid but we don’t care anymore.”
The alleged hacker claimed it was a “mistake” to publish the data in the first place.
Hours before the backflip they had claimed to have exposed the data of 10,000 customers in a bid to pressure Optus to give into their ransom demands.
The alleged hacker said they would release more details in 10,000 batches for four days unless Optus pay them $US1 million ($A1.5 million) in cryptocurrency.
The cyber-criminal wanted the payment to be made in Monero, a decentralised cryptocurrency, making it hard to track down the identity of the recipient.