ForensicsS | Private Detective & Digital Forensics Investigation Experts
    US government body paid $1M to hackers who never locked a single file
    04
    Jul
    • ForensicsS

    TL;DR

    A US government entity paid about $1m to the Kairos extortion group to keep stolen files private, according to a Ransom-ISAC case study based on a leaked negotiation chat and blockchain analysis. The clues point to Union County, Ohio, though neither party has confirmed it. The case illustrates how much of today's "ransomware" involves no encryption at all.

    A US government entity paid around $1m to stop stolen files from being published, according to a case study by researcher Rakesh Krishnan for Ransom-ISAC. The analysis draws on a leaked negotiation chat and the blockchain trail the payment left behind.

    The group behind the deal calls itself Kairos, but it may not be a ransomware gang in any traditional sense. Krishnan reportedly found no encryptor, no locker, and no demand for a decryption key, just stolen files and a price for keeping them private.

    The case study does not name the victim, but file names in the proof-of-theft samples, including an archive called union.rar, point to Union County, Ohio. Neither the county nor Kairos has confirmed the connection, and The Hacker News says it has contacted the county for comment.

    The clues do line up with a real incident. In May 2025, Union County detected ransomware on its network and later notified 45,487 people that data including Social Security numbers, fingerprints, and passport details had been taken.

    If the identification holds, a county of roughly 70,000 residents made a $1m payment it never publicly disclosed. The attacker reportedly leaned hardest on a folder marked "prosecutors office", warning that a leak would help criminals evade charges.

    Anatomy of a $1m deal

    The negotiation ran for about a month, according to the case study. Kairos opened at $3m and claimed to hold more than 2TB of data across some 1.6 million files.

    The county reportedly countered at $100,000 and inched up to $430,000, while Kairos dropped to $2m before setting a final $1m deadline. The victim paid on 13 June 2025, ten times its opening offer.

    The payment of roughly 9.44 bitcoin matched about $1m at that week's market prices. Within hours it was reportedly split and routed through a chain of wallets towards deposits at Bybit, OKX, and BELQI, a Russian service that recalls earlier ransomware laundering through WEX and BTC-e.

    Tracing of this kind gives investigators leads rather than identities. Criminal crews have spent years refining how they wash cryptocurrency through mules, mixers, and loosely regulated exchanges.

    What the money bought is another question. Kairos handed over a "proof of deletion" file, but a list of file names only proves the attacker once held the data, and promises to delete stolen data have unravelled before.

    Ransomware without the ransomware

    Union County described the incident as ransomware, yet nothing in the Kairos case was ever encrypted. A growing share of what still carries that label now skips lockers entirely and uses the stolen data itself as the pressure point, a playbook that recent extortion-only breaches have aimed at the private sector too.

    Sophos reported in 2025 that only around half of ransomware attacks involved encryption, down from 70% a year earlier and the lowest rate in six years. Silent Ransom Group, an offshoot of the Conti ecosystem, has spent years running encryption-free extortion against US law firms, drawing repeated FBI warnings.

    The bargaining arc is familiar too. When Black Basta's internal chats leaked in February 2025, one deal moved from a $1.5m demand to a $100,000 counter and a $1m payment, nearly the same curve.

    Kairos itself has gone quiet, with its leak site offline and its last known victim posted in June 2026, per the case study. A linked wallet was reportedly still moving funds in May, so a dark leak site should not be read as a retired crew.

    Unglamorous lessons

    For small government networks, the takeaways are deliberately boring. Kairos claimed it got in by guessing a password, so multi-factor authentication and alerts on repeated failed logins would have raised the cost of entry considerably.

    Defenders should also watch outbound transfers and throwaway file-sharing links, such as the temp.sh addresses the attacker used, and keep legal and citizen records segmented from the wider network. Above all, a thief's receipt for deleted data is worth exactly what it cost to type.
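
The two detections suggested above, a run of failed logins that ends in a success and a large upload to a throwaway file-sharing host such as temp.sh, sketched as an added example (not from the case study or the original article). The log formats, account names, addresses and thresholds are constructed assumptions.

```python
# Added example: log formats and sample lines below are constructed, not from the case.
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed auth events: "timestamp user source_ip result"
AUTH_LOG = """\
2025-05-01T02:10:01 svc_backup 203.0.113.7 FAIL
2025-05-01T02:10:09 svc_backup 203.0.113.7 FAIL
2025-05-01T02:10:15 svc_backup 203.0.113.7 FAIL
2025-05-01T02:10:22 svc_backup 203.0.113.7 FAIL
2025-05-01T02:10:30 svc_backup 203.0.113.7 FAIL
2025-05-01T02:10:41 svc_backup 203.0.113.7 OK
2025-05-01T08:59:50 jsmith 10.0.4.21 FAIL
2025-05-01T09:00:05 jsmith 10.0.4.21 OK
"""

# Constructed proxy events: "timestamp internal_host destination_host bytes_out"
PROXY_LOG = """\
2025-05-01T03:12:00 fs01 temp.sh 734003200
2025-05-01T03:15:00 ws17 updates.example.org 20480
2025-05-01T03:40:00 fs01 cdn.temp.sh 1024
"""

THROWAWAY_SHARING = {"temp.sh"}  # extend with the services your own policy bans


def guessed_logins(log, threshold=5, window=timedelta(minutes=10)):
    """Return (user, ip, time) for a success preceded by >= threshold failures in window."""
    fails, hits = defaultdict(deque), []
    for line in log.splitlines():
        ts, user, ip, result = line.split()
        when, recent = datetime.fromisoformat(ts), fails[(user, ip)]
        while recent and when - recent[0] > window:
            recent.popleft()  # drop failures that aged out of the window
        if result == "FAIL":
            recent.append(when)
            continue
        if len(recent) >= threshold:
            hits.append((user, ip, ts))
        recent.clear()  # any success resets the streak for this user and source
    return hits


def throwaway_uploads(log, domains=THROWAWAY_SHARING, min_bytes=10_000_000):
    """Return (host, destination, bytes) for large uploads to a listed domain or subdomain."""
    rows = (line.split() for line in log.splitlines())
    return [(host, dest, int(sent)) for _, host, dest, sent in rows
            if int(sent) >= min_bytes
            and any(dest == d or dest.endswith("." + d) for d in domains)]
```

A success that follows the failure streak is the event worth paging on; the failures alone are routine noise on most internet-facing services.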
