Skip to content

164news.com

  • Home
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms of Service
  • Cookie Policy

US government body paid $1M to hackers who never locked a single file

Posted on July 4, 2026 By 164news66 No Comments on US government body paid $1M to hackers who never locked a single file

US Government Body Paid $1M to Hackers Who Never Locked a Single File

A leaked negotiation chat and a Bitcoin trail expose a pure data-theft extortion, with the clues pointing to a small Ohio county.

July 4, 2026 – 9:53 pm

TL;DR:

A US government entity paid about $1m to stop stolen files from being published, according to a case study by researcher Rakesh Krishnan for Ransom-ISAC. The analysis draws on a leaked negotiation chat and blockchain analysis.

The group behind the deal calls itself Kairos, but it may not be a ransomware gang in any traditional sense. Krishnan found no encryptor, no locker, and no demand for a decryption key—just stolen files and a price for keeping them private.

The Case Study

The case study does not name the victim, but file names in the proof-of-theft samples, including an archive called union.rar, point to Union County, Ohio. Neither the county nor Kairos has confirmed the connection.

Clues Align with Real Incident:

In May 2025, Union County detected ransomware on its network and later notified 45,487 people that data including Social Security numbers, fingerprints, and passport details had been taken. If identified, a county of roughly 70,000 residents made a $1m payment it never publicly disclosed.

Anatomy of a $1M Deal

The negotiation ran for about a month. Kairos opened at $3m and claimed to hold more than 2TB of data across 1.6 million files. The county countered at $100,000 and inched up to $430,000 before agreeing on a final deadline of $1m. The victim paid on June 13, 2025, ten times its opening offer.

The payment of roughly 9.44 bitcoin matched about $1m at that week’s market prices. It was split and routed through a chain of wallets towards deposits at Bybit, OKX, and BELQI.

Tracing Leads Over Identities:

This kind of tracing gives investigators leads rather than identities. Criminal crews have spent years refining how they launder cryptocurrency through mules, mixers, and loosely regulated exchanges.

Data-Theft Extortion Without Encryption

Union County described the incident as ransomware, yet nothing in the Kairos case was ever encrypted. A growing share of what still carries that label now skips lockers entirely and uses the stolen data itself as the pressure point—a playbook aimed at the private sector too.

Sophos reported in 2025 that only around half of ransomware attacks involve encryption.

Clock

Post navigation

Previous Post: Australia’s child social media ban is failing, and the Senate just delayed the fix
Next Post: India’s CG Semi starts commercial chip production at $870M Gujarat plant

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Editor's Picks

  • Commercial Plumbing Installation Denver
  • Denver Plumber for Emergency Services
  • Denver Gas Line Replacement
  • Affordable Plumbing Repair Denver
  • Leak Detection Services Denver CO
  • Sewer Backup Cleanup Denver Colorado
  • Expert Drain Snaking Denver
  • Plumbing for New Construction Denver
  • Sustainable Plumbing Solutions Denver
  • Denver Basin Augmentor Repair

Recent Posts

  • Australia’s child social media ban is failing, and the Senate just delayed the fix
  • Starling Bank cuts 130 jobs as it bets on AI and looks beyond the UK
  • Hong Kong now handles more than half of China’s chip imports
  • Nearly a million investors lost $3.8 billion on the Trump memecoin. Trump made $636 million.
  • OpenAI apparently never visited the site of its flagship UK AI project

Recent Comments

  1. fk777 casino on Spiro takes $55M from China’s NewTrails as it nears a $1bn valuation
  2. 5577betapp on Spiro takes $55M from China’s NewTrails as it nears a $1bn valuation
  3. 144bet1 on Spiro takes $55M from China’s NewTrails as it nears a $1bn valuation
  4. 144bet1 on Spiro takes $55M from China’s NewTrails as it nears a $1bn valuation
  5. 144bet1 on Spiro takes $55M from China’s NewTrails as it nears a $1bn valuation

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026

Editor's Picks

  • Commercial Plumbing Installation Denver
  • Denver Plumber for Emergency Services
  • Denver Gas Line Replacement
  • Affordable Plumbing Repair Denver
  • Leak Detection Services Denver CO
  • Sewer Backup Cleanup Denver Colorado
  • Expert Drain Snaking Denver
  • Plumbing for New Construction Denver
  • Sustainable Plumbing Solutions Denver
  • Denver Basin Augmentor Repair

Copyright © 2026 164news.com.

Powered by PressBook Dark WordPress theme