Ransomware Gangs Adopt Search Function to Let Victims Check Stolen Data
Cybercrime groups that deal in ransomware attacks and data extortion have been spotted using a new persuasion strategy against their victims.
The new maneuver involves implementing a search function on dedicated leak websites so visitors can more easily find victims and specific details about them.
The ALPHV/BlackCat ransomware gang released last week a searchable database consisting of leaked data from victims who refused to pay the ransom. In the group’s announcement, its members gave out the specifics of the search function.
Reportedly, visitors of the leak site can look up information by content for documents and images and by filename. Queries return results from the website’s “Collections” section. The new feature was originally meant to make it easier for other threat actors to identify stolen information.
This is ALPHV/BlackCat’s second attempt at employing this tactic. Last month, the gang released a searchable database of stolen data from an attack against an Oregon hotel and spa.
The website allowed both hotel employees and guests to check if their data was compromised in the attack, as Bleeping Computer reported.
As previously mentioned, several cybercrime groups resorted to this tactic. LockBit recently released a revamped version of their leak website, which now includes a search function.
However, LockBit adopted a more rudimentary version of the feature that only lets visitors check victims by their name. Nevertheless, even a simplified version of the search function can make it easier for cybercrooks to identify stolen data.
Last but not least, Karakurt jumps on the bandwagon of cybercrime groups making their stolen files databases searchable. The adoption of the search feature is still in its infancy, making it hard to know if it will be a successful coercion tactic.
Specialized software solutions such as Bitdefender Digital Identity Protection can help keep your digital identity safe from data breaches. The service continuously scans the public and deep web for unauthorized personal data leaks, reports breaches, and enables you to take quick action against events that could jeopardize your digital footprint.
How to monitor your online privacy during your Thanksgiving trip
November 22, 2022
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info
November 16, 2022
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be
November 14, 2022
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War
August 31, 2022
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor
August 30, 2022
What is medical identity theft and how to protect against it
July 27, 2022