Ghana: This Ransomware Gang Lets You Rummage Around Their Stolen Data

13 July 2022
Ghanaian Times (Accra)
By Sead Fadilpa?i?

Gangs want to help other gangs kick off attacks faster

We appear to have reached the next stage in the evolution of ransomware, as operators now allow people to search through the files stolen from companies that declined to pay up.

Multiple ransomware operators are reportedly now adding the feature to their leak sites - and while some have done a poor job, as their engines didn't exactly work as intended, others appear to have successfully pulled it off.

In the case of BlackCat (AKA ALPHV), not only does the search engine work, but the files were also indexed, allowing visitors to search by specific keywords or file types, making it easier for other cybercriminals to find sensitive data, and possibly attack other firms with malware and ransomware, as well.

Finding passwords faster

LockBit is another threat actor that introduced the same functionality to its website, and although it's not as advanced as BlackCat's, it still works relatively well. Karakurt's search engine, however, was shown as malfunctioning.

By allowing victims, other threat actors, and anyone else, to quickly and easily go through terabytes of stolen data, ransomware operators want to exert additional pressure on the victim, to have them pay the ransom.

If the victim's client, or customer, sees their data exposed to the public in this way, they might try and persuade them to pay the ransom and have that data removed from the web as soon as possible.

This is just another step, in a long line of moves cybercriminals have been pulling, since the inception of ransomware, all with the goal of incentivizing payment.

In the early days, when businesses declined to pay up, threat actors started both encrypting and stealing data, threatening to release it to the public.

When that, too, failed to convince the victims, they started bullying them with phone calls and threatening emails. In some cases, ransomware attacks are also followed up with distributed denial of service (DDoS) attacks, clogging the front-end with bogus traffic, and paralyzing the business both from the customer-facing side, as well as from the back-office.

Protect your networks from bogus traffic with the best firewalls around

Read the original article on Ghanaian Times.

Tagged:
Copyright © 2022 Ghanaian Times. All rights reserved. Distributed by AllAfrica Global Media (allAfrica.com). To contact the copyright holder directly for corrections — or for permission to republish or make other authorized use of this material, click here.

AllAfrica publishes around 600 reports a day from more than 100 news organizations and over 500 other institutions and individuals, representing a diversity of positions on every topic. We publish news and views ranging from vigorous opponents of governments to government publications and spokespersons. Publishers named above each report are responsible for their own content, which AllAfrica does not have the legal right to edit or correct.

Articles and commentaries that identify allAfrica.com as the publisher are produced or commissioned by AllAfrica. To address comments or complaints, please Contact us.