AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

The new face of ransomware gangs

Challenge to corporations: ransomware gangs go corporate

Ransomware hackers are changing their tactics, adopting an almost corporate approach to the media. Some groups, such as Royal, the Play, and RansomHouse, actively seek to correct false information about them and put pressure on their victims by publicly exposing them.

This pill is also available in Italian language

The ransomware landscape is experiencing a transformation: cybercriminals are no longer just shadowy figures hiding behind disturbing aliases, but now take an almost corporate approach to their relationship with the media. According to a recent report from Sophos “They are using tactics that go beyond technical hacking to influence the information sphere as well,” comments Christopher Budd, director of threat intelligence at Sophos X-Ops.

Blackmail with a public image

Hacker groups specializing in ransomware are implementing a more refined public image, making use of direct communication channels such as Telegram and web pages with contact forms and FAQs. With these moves, they seek to put pressure on victims by exposing them to the public and their business partners, with the risk that internal documents of the affected companies will be exposed online, as reported in a Royal ransom note analyzed by Sophos.

Extreme pressure tactics from hackers

Hacker tactics range from media attention to extreme moves, as demonstrated by the ALPHV group (also known as BlackCat), which filed an official complaint with the US Securities and Exchange Commission criticizing a victim for failing to timely report a ransomware attack . Although the new regulations were not yet active, the incident gained widespread media attention.

Analysts in the guise of attackers

Not all ransomware groups take this new media approach lightly. Groups known for their aggressiveness, such as Cl0p and LockBit, instead communicated in a more hostile manner. Although some of these behaviors may appear childish, in some cases they showed remarkable professionalism. For example, in response to initially erroneous information about the MGM attack, ALPHV issued a 1,300-word statement that could be equated with technical analyzes published by security firms. “They adopt in their communication principles that we use every day in the cybersecurity space,” concludes Budd.

Follow us on Facebook for more pills like this

12/13/2023 12:36

Marco Verro

Last pills

Italy's success in cybersecurityHow Italy achieved excellence in global cybersecurity: strategies, collaborations, and international successes

IntelBroker alleged breach of Deloitte systemsServer exposed: how Deloitte's security may have been compromised by a cyber attack

Vo1d infections on Android TV boxes: how to protect your devicesLearn the essential measures to protect your Android TV boxes from the dreaded Vo1d malware and keep your devices safe from cyber threats

Hacker attack in Lebanon: Hezbollah under fireTechnological shock and injuries: cyber warfare hits Hezbollah in Lebanon