The Japanese cryptocurrency exchange Bitpoint reported a loss of 3.5 billion yen ($32 million) in…
Journalists recall that at the end of 2019, creators of ransomware began to act according to a new scheme. It all started with Maze ransomware operators, which began to publish files that they stole from the attacked companie, if the victims refused to pay.
Recall that the cybercriminals behind the Maze ransomware do not miss opportunity to attacks even medical institutions that test the vaccine against COVID-19.
“Hackers set up a special site for such “dumps” and other groups soon followed an example, including Sodinokibi, Clop, Sekhmet, Nephilim, Mespinoza, and Netwalker”, – say Bleeping Computer reporters.
DoppelPaymer operators even published in the public domain Boeing, Lockheed Martin, SpaceX and Tesla documents.
Now authors of the ransomware Ako joined them, but they went even further than their “colleagues.” The grouping forces some companies to pay a ransom twice: for decrypting files and for deleting stolen data.
As an example, some of the victims’ data was published on Aco’s website: the company paid $350,000 to decrypt the information, but hackers still published its files on their website because they did not receive a “second ransom” for deleting the stolen files.
One of the Ako operators answered Bleeping Computer’s questions and confirmed that double ransom demand is used only for some victims: it all depends on the size of the company and type of stolen data. As a rule, the size of the second buyback ranges from 100,000 to 2,000,000 US dollars, therefore, it usually exceeds the cost of decrypting the data.
“Big-income companies get scared when we talk about stolen files. So this is the motivation for other companies that have to pay”, – explain hackers.
Attackers argue that some companies generally prefer to pay for deleting data, but not for decrypting it. For example, this way went unnamed medical organizations from the USA, from was stolen confidential patient’s data, social security numbers, and so on. Journalists failed to confirm or deny these statements of criminals.
Chernars.com is a domain that tries to force you into subscribing to its browser notifications…
Eclipse-adblocker.pro is a site that tries to trick you into clik to its browser notifications…
Initiateadvancedcompletelythe-file.top is a site that tries to force you into subscribing to its browser notifications…
Pbmsoultions.com is a domain that tries to trick you into clik to its browser notifications…
Prizestash.com is a site that tries to trick you into subscribing to its browser notifications…
Verifiedbreaking.com is a domain that tries to force you into subscribing to its browser notifications…
View Comments
[…] me remind you that at the end of 2019 creators of the ransomware began to “work” according to a new scheme that allows them to receive more money from […]