The cybercriminals behind the ransomware Grief said that if the victims hired an intermediary firm specializing in negotiating with the ransomware, their data would be destroyed.
More recently, there was evidence that the developers of Ragnar Locker threaten to “leak” the data of the victims to the network if they contact the FBI, police or private investigators. The threat also extends to those victims who turn to data recovery specialists. Following this warning last week, Ragnar Locker operators have already released all the details of one of their victims, as the affected company has hired a negotiator.
The fact is that extortionists really do not like it when professional negotiators and law enforcement agencies are involved in the case. After all, all this can lead to a decrease in profits, as well as delays and an increase in the time during which the victim responds to the incident.
Now Grief (aka Pay or Grief) malware operators have resorted to similar threats. The hackers posted a warning on their website, which states that all data of the victim will be deleted if she contacts intermediaries.
Let me remind you that we reported that DoppelPaymer ransomware is renamed to Grief.