KelvinSecurity ransomware belongs to a very specific and not always malicious family of ransomware.
The term “Hacker” is probably familiar to you, but you may not have heard of the categories these cyber experts fall into. We call them Black Hat, White Hat and Grey Hat.
This appellation is based on the old Western movies that were prominent in American popular culture, where the heroes wore white or light-colored hats while the villains wore black hats.
KelvinSecurity ransomware falls into the GreyHat category, where its initial intentions are neither malicious (BlackHat) nor legal in the eyes of the law (WhiteHat).
Unlike WhiteHat, GreyHat do not expect to get a company’s permission to search for vulnerabilities in its security systems.
Once the attackable part of the system is uncovered, the group behind KelvinSecurity informs the company of the vulnerability by offering a service to fix the problem for a stipulated fee.
If the company ignores this gesture, there is nothing to stop hackers from exploiting the vulnerability and leaking the collected information. And that is the big difference between WhiteHat and GreyHat.
A GreyHat hacker is not limited by ethical hacking standards or an employment contract if a company chooses to ignore the warning.
Recently the KelvinSecurity group hacked into the systems of a Chilean bank, compromising 17,736 dataset records, including the bank’s confidential customer information.
We know that this will likely not be the group’s last attack, so you need to be prepared and well-attended should this scenario occur to you or your company.