Ransomware actors have found a new way to make victims pay up

Cybercrooks have started to deface the websites of their victims

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Deploying ransomware is one thing, but getting the victim to pay up is an entirely different matter. Now, a relatively new entrant to theransomwaregame is using a unique new strategy to force its victims to cave in to demands.

As spotted byBleepingComputer, a data extortion gang that only recently added ransomware to its arsenal, called Industrial Spy, has started defacing the websites of attacked companies in order to pressure them into paying the ransom.

The group recently broke into the network of a French company named SATT Sud-Est, researchers from MalwareHunterTeam found, and encrypted everything it discovered on companyendpoints. Industrial Spy demanded $500,000 in exchange for the decryption key.

Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.

Additional pressure

Besides the usual methods of persuasion, the group also broke into the company’s website (which is almost never hosted on the same server as corporate data) and defaced the homepage, leaving the following message:

“Your business data has been compromised. More than 200GB of data will soon be released on the market. Please contact us to avoid your reputational risks.”

The site has since been shut down, but the message can still be seen onGoogle’s search engine results page.

Most ransomware victims pay up, but many never recover their data>Ransomware – a burgeoning geopolitical weapon?>The US government is doing a really bad job of tracking ransomware

Due to the fact that breaking into the website requires additional effort (as well as extramalware, most likely), it’s highly unlikely this method will grow into a full-blown trend. You never know, though.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Cybercriminal techniques have significantly evolved over the years. In the early days of ransomware, threat actors would just lock the files and demand money in exchange for the decryption key. When businesses started keeping updatedbackups, crooks started stealing data and threatening to release it online. When even that showed unsatisfactory results, they turned toDDoSattacks and threatening phone calls.

This is just another in a long line of methods, and sooner or later, there are bound to be new ones.

ViaBleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Google TV will require more RAM for future upgrades – which might leave older TVs and streaming boxes behind