Ransomware Groups Now Threatening to Release Stolen Data If Businesses Don’t Pay

Ransomware Groups Now Threatening to Release Stolen Data If Businesses Don’t Pay

Getting hit with ransomware can be devastating to a company, but malware operators are trying to make it even worse. Not only are they holding potentially vital data hostage, but they’re also threatening to shame companies that don’t quietly pay the ransom. The cybercriminals behind the Maze Ransomware have set up a website where they have pledged to reveal which companies don’t “work with [them]” to recover data.

We all benefit from encryption when it keeps our files and communications private, but the same technology makes ransomware possible. Ransomware can target individuals, but the criminals behind these operations have increasingly targeted companies with deeper pockets than your average computer user. Upon infecting a computer, ransomware encrypts important files and deletes the originals. To retrieve the files, the victim has to pay a ransom (usually in Bitcoin) in exchange for the decryption key.

The Maze site, which is hosted on the open internet (and we won’t be linking), lists eight companies that have refused to pay the company’s ransom. The group lists the date of the attack, a selection of stolen files, and the total volume of data collected. Yes, Maze has gone to the added effort of stealing data from infected systems as extra leverage.

Ransomware Groups Now Threatening to Release Stolen Data If Businesses Don’t Pay

This is something ransomware authors have threatened in the past, but Maze is the first known to have done it. The makers of the Sodinokibi/rEvil ransomware have posted recently on dark web forums that they are finalizing plans to do something very similar. They hope that threatening companies with those stolen files with increase the number willing to pay up. Of course, you’d have to trust these groups to delete the stolen data after being paid, which seems far from certain.

Maze frames this as a public service that will reveal companies that are attempting to hide the unauthorized attack on their systems. However, it’s a rather transparent threat that could cause more companies to pay for fear of having private data released. The end result is that companies need to start treating malware attacks like data breaches. If customer data is included in encrypted volumes after the attack, it’s entirely possible that data is in the hands of criminals. Companies will need to do all the usual data breach things: notify customers, reset passwords, and issue carefully crafted but ultimately hollow apologies.

Continue reading

Cyberpunked 2077: CDPR ‘Apologizes’ For Releasing Broken Game, Offers Refunds
Cyberpunked 2077: CDPR ‘Apologizes’ For Releasing Broken Game, Offers Refunds

Cyberpunk 2077's PS4 and Xbox One S version is so bad, the company is now offering refunds. We recommend last-gen console gamers take them up on it, rather than waiting.

Unreleased Nintendo Game Boy Keyboard Brought Back to Life
Unreleased Nintendo Game Boy Keyboard Brought Back to Life

Gaming history YouTuber Liam Robertson has gotten his hands on a Work Boy — possibly the last one in the world, and it's working thanks to that giant Nintendo data leak from a few months back.

Google Releases First Android 12 Developer Preview
Google Releases First Android 12 Developer Preview

The first developer preview is available today, and you can take a peek at the new OS if you've got a recent Pixel phone. Be warned: this is a very early build that you should not use on your main phone.

NASA Releases Incredible Perseverance Rover Landing Video
NASA Releases Incredible Perseverance Rover Landing Video

NASA's Perseverance rover has been on the surface of Mars for several days, giving the team here on Earth time to run system checks and download preliminary data from the robot. The agency has now released the first large batch of media from the mission, including hundreds of still images and the first video and audio ever recorded on Mars.