Punished hackers said scammers deceived their innocent victims by telling them they could give them a "loan". However, the victims they must first give them a sum of money. Of course, the loan is never given.
Punishment hackers launch their attacks with the mission Phishing emails, containing links to executable that appear as files PDF. They also conduct DdoS attacks, to cause trouble to sites of companies.
MilkmanVictory ransomware actually works like one catastrophic wiper.
The hackers-punishers they don't ask money from their scammers. Instead, they leave them a message stating that computer it was destroyed because "we know you're a scammer!"
The hacking team claims to have already targeted the German company Lajunen Loan, whose website is currently out of order after a DDoS attack and emails distributed by ransomware.
The attackers said the ransomware was based on HiddenTear, which means that even if a key is not saved, it can be decrypted via brute force attacks.
HiddenTear victims can recover archives them for free, using it Michael Gillespie's Hidden Tear Decryptor.