Security Experts Ring The Alarm As Ransomware Operators Create Replicas Of Victim’s Site And Publish Stolen Data
Ransomware operators that go by the name ALPHV are wreaking havoc by
using new kinds of extortion tactics. They’re creating replicas of a
victim’s website so it could publish data that has been stolen on it.
The
name has been outlined as BlackCat Ransomware that’s best known as a
new group that is conducting trials. This is a new means of adding new
pressure and shaming so many victims into making payments.
These
new tactics aren’t too successful at first, it is making room for a very
competitive and increasing threat landscape through which victims need
to pass through. Moreover, hackers are making it so much easier to
attain data that are stolen as well.
Just last week, this
particular threat actor went public and published across a website a new
type of data leak website that’s hidden in places like the Tor network.
These ended up compromising a firm that had to do with financial
services.
H/T: Brett Callow
Since
these victims didn’t meet the demands of the threat actor involved,
Black Cat ended up publishing all those stolen files as a form of
penalty, which is the standard step taken by so many ransomware
operators.
It’s a clear deviation from that usual process that we
see with time. Hackers end up leaking data on a particular website and
they mimic the victim’s appearance and name of the domain to trick
others.
While most hackers don’t keep these original headings on
a particular site, they ended up using their own headings through which
they organized all the stolen data.
You can well think of this
as a cloned website that’s located on the clear web. It ensures a wide
availability related to files that keep getting stolen. Now, it’s
putting ahead so many documents and memos to staff and even forms for
payments. Then it has the likes of information from staff and any assets
with expenses involved. Some data even entails passport scans with
information on partners too.
As a whole, it has 3.5GB of data for
documents. Similarly, it shared data that was taken on file-sharing
services which allow anonymous data uploading while distributing links
on certain leaked websites.
Security experts mentioned how there
is certainly a new type of link that is forming with time. Moreover,
threat analysts mentioned that sharing data through such domains is a
huge concern for obvious reasons.
This trend could be the start
of a whole new network that is getting adopted by the likes of various
other gangs involved in ransomware. This is especially true in today’s
time as it’s being adopted due to lower costs.
So many people dealing in this category are on the lookout for ways to extort victims more viciously.
ALPHV
is turning out to be the first major gang dealing in serious ransomware
and also making a search that’s specific to the likes of taking on
board stolen data from various victims. These pages are outlined for
consumers and staff to see if their data was ever stolen by hackers in
the first place.
Via: BC
