Ransomware groups find new way of extorting companies


By Dylan Bushell-Embling
Monday, 30 March, 2020


Ransomware groups find new way of extorting companies

Multiple ransomware threat actors are creating sites to leak the stolen data of non-paying victims or selling data exposed in their attacks on the black market, research shows.

The authors of at least seven ransomware families have created “news” sites to publish stolen data, according to cybersecurity expert Lawrence Abrams, the creator of BleepingComputer.com.

The groups have been quick to follow in the footsteps of Maze, the first ransomware company to create a site to publish stolen data as a further extortion attempt.

Ransomware actors Sodinokibi, Nemty, DoppelPaymer, Nefilm Ransomware, CLOP Ransomware and Sekhmet Ransomware have recently published data leak sites, Abrams said.

The sites follow a similar format, with a landing page linking to the data of victims who have refused to pay.

Meanwhile, hackers have started to distribute the stolen data on deep web forums, and chatter suggests that hackers who have purchased the link have found valuable information including credit card numbers and tax reporting forms.

Abrams said these developments underscore the fact that all ransomware attacks must be considered data breaches, because attackers are increasingly sifting through the compromised information before encrypting it.

This has implications for employees and customers impacted by the attacks, because too many ransomware attacks are going undisclosed to even to the victims of data theft.

Image credit: ©iconimage/Dollar Photo Club

Related Articles

Strategies for navigating Java vulnerabilities

Java remains a robust and widely adopted platform for enterprise applications, but staying ahead...

Not all cyber risk is created equal

The key to mitigating cyber exposure lies in preventing breaches before they happen.

How AI can help businesses manage their cyber risks

Artificial intelligence can be a powerful ally in the fight against cyberthreats.


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd