Britton White writes:
After a university was recently hit with Ransomware, I decided to research the university’s domain name searching for any users who might have been hit with Redline Infostealer/Malware. To no surprise, I found many students had unknowingly had their saved browser credentials scraped (stolen/exfiltrated).
It didn’t take long to find a student who had many instances of this domain name in their URL history, so I looked them up. Turns out this student is in Finance, Business, and Law. Because of this, I decided to reach out to them.
While they didn’t answer my initial call, they surprisingly called me back where I said, “this is likely going to be the strangest call you have today”. They listened to what I had to say, then quickly said, “about two months ago I figured out I’d been hacked”. We talked further. I advised them of the three credit cards that had been stolen and was asked what the last four digits were of each, which I provided. They knew then that I not only had access to their information but that I was trying to help them.
Read more at LinkedIn.