Grief ransomware threatens to destroy victimsdata if they turn to negotiators

The cybercriminals behind the ransomware Grief said that if the victims hired an intermediary firm specializing in negotiating with the ransomware, their data would be destroyed.

More recently, there was evidence that the developers of Ragnar Locker threaten toleakthe data of the victims to the network if they contact the FBI, police or private investigators. The threat also extends to those victims who turn to data recovery specialists. Following this warning last week, Ragnar Locker operators have already released all the details of one of their victims, as the affected company has hired a negotiator.

The fact is that extortionists really do not like it when professional negotiators and law enforcement agencies are involved in the case. Rốt cuộc, all this can lead to a decrease in profits, as well as delays and an increase in the time during which the victim responds to the incident.

Now Grief (aka Pay or Grief) malware operators have resorted to similar threats. The hackers posted a warning on their website, which states that all data of the victim will be deleted if she contacts intermediaries.

The hackers posted a warning

We want to play a game. If we see a professional Data Recovery Company™ negotiator, we will simply destroy [your] data. Data Recovery™ companies, as we mentioned above, get paid anyway. The Data Recovery Companies™ strategy is not to pay the requested amount and not to solve the case, but to slow down [the whole process]. Vì thế, we have nothing to lose in this case. Just a time saver for all parties involved. What will the Data Recovery Company™ earn if the ransom amount is not set and the data is simply destroyed with zero chances of recovery? We think millions of dollars. Clients will bring them money just like that.the hackers write.
Bleeping Computer notes that with these statements, Grief not only wants to put pressure on its victims, but also to evade US sanctions. The fact is that Grief has long been associated with the Russian-speaking hacker group Evil Corp, against which the US government has imposed sanctions. That is, by prohibiting victims from hiring specialists who negotiate the ransom, hackers hope that the victims will not learn about the risks associated with the sanctions, and still pay the required amount.

Let me remind you that we reported that DoppelPaymer ransomware is renamed to Grief.

Helga Smith

Tôi luôn quan tâm đến khoa học máy tính, đặc biệt là bảo mật dữ liệu và chủ đề, được gọi là ngày nay "khoa học dữ liệu", kể từ khi tôi còn ở tuổi thiếu niên. Trước khi vào nhóm Diệt Virus với vai trò Tổng biên tập, Tôi đã làm việc với tư cách là chuyên gia an ninh mạng tại một số công ty, bao gồm một trong những nhà thầu của Amazon. Một trải nghiệm khác: Tôi đã nhận được đang giảng dạy tại các trường đại học Arden và Reading.

Gửi phản hồi

Website này sử dụng Akismet để hạn chế spam. Tìm hiểu bình luận của bạn được duyệt như thế nào.

Nút quay lại đầu trang