Cybercriminal businesses have seen a hit from the weakened economy. In response, they're further morphing tactics to extract money.
Times are tough.
Cybercriminals are getting creative.
We've seen several stories of Ransomware groups releasing stolen data to force ransom payment. Some have even formed a cartel to expand reach and revenue (like here). Now, they've added a new line of revenue from victim data.
The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software.
Many Ransomed organizations are either unwilling or unable to pay Ransom demands. This could be in following law enforcement guidance or they simply don't have the funds in this tough economy. Unfortunately, this has consequences.
“The problem is a lot of victim companies just don’t have the money [to pay ransom demands] right now.”
When ransom demands aren't met, the REvil team is now exacting their tolls via data auctions.
Experts say the auction is a sign that ransomware groups may be feeling the financial pinch from the current economic crisis, and are looking for new ways to extract value from victims...
On the block in their first auction, the REvil team is selling data from a Canadian agricultural producer who has reportedly not paid their Ransom demand.
The victim firm’s auction page says a successful bidder will get three databases and more than 22,000 files stolen from the agricultural company.
Cybercriminals have been printing money (figuratively) through these attacks, and they don't seem to be stopping.
“Others are now charging a fee not only for the ransomware decryptor, but also a fee to delete the victim’s data. So it’s a double vig.”
This is yet another dark turn in the Ransomware game. As much as we don't want to admit it, these criminals are crafty and smart.
It's time to protect your team and your assets from these attacks.
Are you ready to take action?
You already have a lot on your plate, so we make it easy. Find out how to protect your team with INFIMA's Automated Security Awareness platform.
To get a quote, set up a call with our (non-pushy) team here!
Original article here.
[https://krebsonsecurity.com/2020/06/revil-ransomware-gang-starts-auctioning-victim-data/]
Join the newsletter to receive the latest updates in your inbox.