This ransomware gang lets you rummage around their stolen data
Gangs want to help other gangs kick off attacks faster
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
We appear to have reached the next stage in the evolution ofransomware, as operators now allow people to search through the files stolen from companies that declined to pay up.
Multiple ransomware operators are reportedly now adding the feature to their leak sites - and while some have done a poor job, as their engines didn’t exactly work as intended, others appear to have successfully pulled it off.
In the case of BlackCat (AKA ALPHV), not only does the search engine work, but the files were also indexed, allowing visitors to search by specific keywords or file types, making it easier for other cybercriminals to find sensitive data, and possibly attack other firms withmalwareand ransomware, as well.
Finding passwords faster
LockBit is another threat actor that introduced the same functionality to its website, and although it’s not as advanced as BlackCat’s, it still works relatively well. Karakurt’s search engine, however, was shown as malfunctioning.
By allowing victims, other threat actors, and anyone else, to quickly and easily go through terabytes of stolen data, ransomware operators want to exert additional pressure on the victim, to have them pay the ransom.
If the victim’s client, or customer, sees their data exposed to the public in this way, they might try and persuade them to pay the ransom and have that data removed from the web as soon as possible.
Here’s how to protect your online identities from theft>One of the most dastardly ransomware strains has received a Rust-flavored upgrade>Cybersecurity watchdog asks lawyers for help in the fight against ransomware
This is just another step, in a long line of moves cybercriminals have been pulling, since the inception of ransomware, all with the goal of incentivizing payment.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
In the early days, when businesses declined to pay up, threat actors started both encrypting and stealing data, threatening to release it to the public.
When that, too, failed to convince the victims, they started bullying them with phone calls and threatening emails. In some cases, ransomware attacks are also followed up with distributed denial of service (DDoS) attacks, clogging the front-end with bogus traffic, and paralyzing the business both from the customer-facing side, as well as from the back-office.
Via:BleepingComputer
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
A new form of macOS malware is being used by devious North Korean hackers
Scammers are using fake copyright infringement claims to hack businesses
England vs Australia live stream: how to watch 2024 rugby union Autumn International online from anywhere
