Disaster at the Le Bonnois law firm. At the end of May 2021, this company specializing in personal injury compensation is the victim of a ransomware attack. The gang of cybercriminals behind the action, called Everest, put the almost 14 million stolen documents up for sale for $30,000 (27,000 euros). There is a lot at stake: among the mass of stolen documents are procedural elements related to the murder of teacher Samuel Paty and the attack against charlie hebdo.
But at the thugs’ site, a mention surprises the police officers of the Central Office for Combating Crime Linked to Information and Communication Technologies (since renamed the Anti-Cybercrime Office): Everest fires those who try to contact him towards NeoCyber, the self-owned company of Florent Curtet, a very repentant French hacker.
At that time, the young man had been making multiple approaches to companies that were victims of computer attacks for several months. This is demonstrated by the episode recounted in World by Mathieu (his name has been changed at his request), a French computer security expert who, as of August 2021, works as a service provider in Switzerland for a pharmaceutical laboratory: he thus sees Florent Curtet reach, list of stolen data in On the other hand, after an intrusion by hackers into the company’s systems. “Between the lines it tells us that we have to pay the ransom, that seemed crazy to me”remembers Mathieu.
Negotiator or accomplice?
A kind of infiltration, says Florent Curtet today, who claims to have played a double game with cybercriminals. Its objective: to inform the General Directorate of Internal Security of computer attacks of which it is aware. An informant role played free of charge, according to his statements to World.
“I was the one who allowed his hiring, he gave us valuable information about the hacks of French companies”says Pierre Penalba, former head of the anti-cybercrime group of the Nice judicial police. The former official is close to Florent Curtet and the two communicated regularly during this period. At that time, the National Information Systems Security Agency (Anssi) was also informed, says Florent Curtet.
The young man’s reports, however, turn out to be “completely unusable”Anssi certifies today before the courts, according to the referral order consulted by the world. Worse still: doubt hangs over the true purpose of the role assumed by Florent Curtet in these negotiations between victims and cybercriminals. In the case of the Le Bonnois law firm, according to the prosecution, the hacker boasted to Everest that he had managed to double the ransom amount in a few days, after discovering the sensitivity of the stolen data.
You have 38.67% of this article left to read. The rest is reserved for subscribers.
