Security Experts Ring The Alarm As Ransomware Operators Create Replicas Of Victim’s Site And Publish Stolen Data

Ransomware operators that go by the name ALPHV are wreaking havoc by using new kinds of extortion tactics. They’re creating replicas of a victim’s website so it could publish data that has been stolen on it.

The name has been outlined as BlackCat Ransomware that’s best known as a new group that is conducting trials. This is a new means of adding new pressure and shaming so many victims into making payments.

These new tactics aren’t too successful at first, it is making room for a very competitive and increasing threat landscape through which victims need to pass through. Moreover, hackers are making it so much easier to attain data that are stolen as well.

Just last week, this particular threat actor went public and published across a website a new type of data leak website that’s hidden in places like the Tor network. These ended up compromising a firm that had to do with financial services.


H/T: Brett Callow

Since these victims didn’t meet the demands of the threat actor involved, Black Cat ended up publishing all those stolen files as a form of penalty, which is the standard step taken by so many ransomware operators.

It’s a clear deviation from that usual process that we see with time. Hackers end up leaking data on a particular website and they mimic the victim’s appearance and name of the domain to trick others.

While most hackers don’t keep these original headings on a particular site, they ended up using their own headings through which they organized all the stolen data.

You can well think of this as a cloned website that’s located on the clear web. It ensures a wide availability related to files that keep getting stolen. Now, it’s putting ahead so many documents and memos to staff and even forms for payments. Then it has the likes of information from staff and any assets with expenses involved. Some data even entails passport scans with information on partners too.

As a whole, it has 3.5GB of data for documents. Similarly, it shared data that was taken on file-sharing services which allow anonymous data uploading while distributing links on certain leaked websites.

Security experts mentioned how there is certainly a new type of link that is forming with time. Moreover, threat analysts mentioned that sharing data through such domains is a huge concern for obvious reasons.

This trend could be the start of a whole new network that is getting adopted by the likes of various other gangs involved in ransomware. This is especially true in today’s time as it’s being adopted due to lower costs.

So many people dealing in this category are on the lookout for ways to extort victims more viciously.

ALPHV is turning out to be the first major gang dealing in serious ransomware and also making a search that’s specific to the likes of taking on board stolen data from various victims. These pages are outlined for consumers and staff to see if their data was ever stolen by hackers in the first place.

Via: BC

Read next: 85% of IT Pros Fear Cybersecurity Issues in 2023
Previous Post Next Post