Stories
Slash Boxes
Comments

SoylentNews is people

Ransomware Gang is Auctioning Off Victims’ Confidential Data

posted by martyb on Saturday June 06 2020, @11:06PM   Printer-friendly
from the do-you-trust-your-lawyer-and-CPA-and-agent-and-doctors-and... dept.

upstart writes in with an IRC submission:

Ransomware gang is auctioning off victims' confidential data:

The Happy Blog, a dark Web site maintained by the criminals behind the ransomware known by the names REvil, Sodin, and Sodinokibi, began the online bidding process earlier on Tuesday. Previously, the group published limited details of selected victim data and threatened to air additional confidential material if the owners didn't pay. Besides stealing the data, the group also encrypts it so that it's no longer accessible to the owners.

Combining the threat of publishing the data while simultaneously locking it from its rightful owner is designed to increase the chances of a payout. The new tactic furthers the pressure, possibly because previous practices haven't yielded the desired results. The ransoms demanded are frequently high, sometimes in the millions of dollars. Affected companies have also been loath to encourage further attacks by rewarding the people behind them. Added to that reluctance are new financial pressures caused by the coronavirus pandemic.

[...] The scourge of ransomware has thrived because it provides hackers with an easily monetized crime that's payable directly by the victims (assuming they pay). The anonymity of digital currencies such as Monero also play a key role in the success and persistence of the ransomware. The new high-pressure tactic suggests that while the crime has staying power, it may still be difficult to exact payments.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Ransomware Gang is Auctioning Off Victims’ Confidential Data | Log In/Create an Account | Top | 10 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Sunday June 07 2020, @05:19AM (1 child)

    by Anonymous Coward on Sunday June 07 2020, @05:19AM (#1004423)

    Ransomware authors contribute nothing of value to society. Yet somehow they still manage to be more useful and productive than SoylentNews editors. I suggest that nobody purchase any new subscriptions to this site until the quality of the site and its articles improve dramatically.

  • (Score: 5, Interesting) by darkfeline on Sunday June 07 2020, @08:14AM

    by darkfeline (1030) on Sunday June 07 2020, @08:14AM (#1004441) Homepage

    Actually, ransomware authors contribute much more to society than other scalpers and middlemen like health insurance providers or tax preparation software companies. They provide a positive incentive for companies with poor security to fix their shit. Think of it like a bug bounty system that you can't opt out of and has a higher premium. You get discounts if you opt in early (by hiring competent security folks and doing audits).

    First, they helped companies ensure their backup solution works via unplanned disaster recovery drills, and now they're helping to test their data leak preparedness. Some companies could certainly learn from ransomware author to proactively innovate and provide useful features to customers, rather than stagnating while buying out competitors and regulators.

    --
    Join the SDF Public Access UNIX System today!