Blackmail, a new technique associated with ransomware
A phenomenon has emerged in recent times.
It is the publication of the data of individuals or companies that have been victims of a ransomware attack and refuse to pay. Indeed, this is the case of all the companies that refused to pay the ransom demanded by the hackers who carried the Maze ransomware. The hackers decided to release their data.
This article will also interest you: How to avoid web scams?
And they're not the only ones. Indeed, other hackers have decided to adopt the same route. It is therefore with dismay that we realize that the ransomware world is turning into a world of blackmail. Considering that before, this mode of piracy was generally limited to irreversibly encrypting data until the ransom was paid. The victim will now have to rely on wild publications of their private data on the internet.
Cybersecurity firm KrebsOnSecurity reports the discovery of the implementation of this crazy idea of disclosure of data. According to her, the hackers behind the ransomware Maze, created a website where they began to list the structures targeted, i.e. those who refused to pay. "Companies represented here did not wish to cooperate with us and try to hide our successful attack on their resources. Wait till you see their basics here data and private documents. Follow the news! "can we apparently read on the website in rather approximate language. We can count 8 companies affected by this virtual conviction. Pirates it specifies for each company the date of the attack successful IT, not to mention IP names and addresses, terminals when were hit. To that, it adds the total volume of data that has been stolen in GO as proof. And finally he publishes some documents. A kind of torment carried out with slowness and precision.
The threat seems real, as the IT security firm has managed to verify the authentic nature of the information that has been listed. And apparently the Maze hackers have already carried out such a threat towards the end of November. Based on BleepingComputer's claims, these hackers have already posted nearly 700MB of stolen data online from a security company called Allied Universal, which also refused to pay. According to hackers, the information disclosed relates to only 10% of the data in their possession. they also assured that the rest of the data would be published if the company persisted in refusing to pay.
As noted above, the Maze ransomware hacker group is not alone. Those at Ransomware Sodinokibi have also begun to apply this strategy. This was announced in a forum of hackers where they claimed that they wanted to publish data belonging to their recalcitrant victims. they said they did not understand at all the approach of companies to pay more to restore the data instead of paying less to recover it. "spend 100 million to restore rather than 15 to buy (…) Go explain to investors where the profit is" meant.
During the month of November, other MegaCortex hackers also threatened their victims.
Now access an unlimited number of passwords: