Aaron Lammer, co-host of the Longform journalism podcast and cryptocurrency show Coin Talk, didn’t even notice at first when his website was hacked. Instead, a follower tipped him off that aaronlammer.com had been replaced by a notice that read “Ooops, your website has been encrypted!” and a countdown clock, indicating that the site would be deleted unless a ransom of 0.025 Bitcoin, or about $230 at the time of writing, was paid to the hacker.
Instead of paying, Lammer clicked on a link that said “Contact us.” It led to a Facebook page under the name Barberousse Mohammed. Lammer sent Mohammed a message. “Hi,” he said. “I don’t have any Bitcoin. Do you accept Ripple?” And thus began an epic trolling as Lammer cycled through ideological talking points from all the facets of the cryptocurrency world while his hacker got more and more exasperated. Mohammed did not respond to The Verge’s request for comment.
Ransomware attacks peaked in 2016 and 2017 with attacks like WannaCry targeting millions of machines and demanding cryptocurrency payment. According to a report from the cybersecurity firm SonicWall, these types of attacks have been on the decline in 2018 (though more unique ransomware strains are emerging), and the tactic is still popular with hackers.
Cybercriminals have benefited from the proliferation of cryptocurrency as a semi-anonymous way to send cash. “Cryptojacking,” in which hackers seize control of a user’s machine without their knowledge and use the processing power to mine cryptocurrencies, has increased 27 percent from the last quarter of 2017 to the first quarter of 2018, according to the security software firm Malwarebytes, which releases a quarterly cybercrime report. Meanwhile, hackers are still targeting individual public-facing Bitcoin users such as cryptocurrency YouTubers.
“From driveby mining attacks via browser to scams meant to drain users’ cryptowallets, cybercriminals are taking every opportunity to exploit the rising value and popularity of Bitcoin and other cryptocurrencies,” the Malwarebytes report says.
Luckily for Lammer, he didn’t really care about this particular website, which is just a single page with links to his projects. So he used the opportunity to troll.
At one point Mohammed says, “Dude i’m just hacker i’m not realy into bitcoin [sic]” to which Lammer responds, “You’re not into Bitcoin? Cmon bro. Why not? I was so excited when I saw that you hacked me because I don’t have that many people I can talk to about decentralization.”
Lammer also decided to tap into the most acrimonious of cryptocurrency feuds, the ongoing Bitcoin versus Bitcoin Cash debate. He pretends to have sent Mohammed Bitcoin, then gripes that it hasn’t arrived yet because Bitcoin isn’t as fast as or cheap as Bitcoin Cash and that it “probably hasn’t hit yet because fees are trash.” When the hacker responds, “sir just make the payment the fees don’t matter,” Lammer puts on his best impression of a Bitcoin Cash zealot. “Fees dont MATTER!?!?!?!? oh my god [sic],” he says.
“I just thought it would be funny if I could get him into a ‘who’s on first’ situation where I kept insisting BCash WAS Bitcoin and then eventually blame transaction times for the delay in his payment,” Lammer told me over Twitter DM.
Lammer reclaimed his website by contacting his domain host, which detected that the site had been hacked through a WordPress exploit on an unused domain connected to the account. The fix happened quickly enough that Lammer was still chatting with Mohammed when he regained control of the account. “Towards the end of the chat, Dreamhost had actually already gotten the domain back and he didn’t seem to have noticed, so I was playing with house money,” Lammer said.
Mohammed finally took the bait when Lammer asked, “Whats your favorite anime series ever?” “I like hunter x hunter,” Mohammed says. “No[w] are you gonna ke[ep] wasting my time?”
Lammer posted the full conversation with his hacker on Twitter and Medium. Most people were amused, although a small number accused Lammer of faking the conversation. Some comments devolved into the same ideological arguments that Lammer was parodying. “Mostly people are like ‘that sucks, but that was funny’ and then if you go deep enough in threads, there are people like ‘buuuuuut wait BCASH is better though,’” Lammer said.
Research suggests that Lammer was right not to pay his hacker. In 2017, only half of the victimized organizations that paid the ransom actually got their data back, according to the cybersecurity research and marketing firm CyberEdge Group.
Even if he paid, Lammer says, he wasn’t sure he’d ever get his site back. “I thought he might just ask for more,” Lammer said. “Plus, I really like talking to scammers and if I had paid him he woulda probably instantly disappeared.”