A new trend among cybercriminals is threating to delete victims’ data if they call in a professional mediator to help lower prices for decryptor tools.
Cybercriminal gang Grief Corp warned its victims it would instantly delete data if they engaged with mediator.
In a statement posted to its Tor-hosted blog, Grief Corp said, “We wanna play a game. If we see professional negotiator from Recovery Company™ – we will just destroy the data. Recovery Company™ as we mentioned [earlier] will get paid either way.”
Shortly after, rival ransomware group RagnorLocker made a similar threat, according to The Register.
Cybercriminals are employing malicious software or malware at unprecedented rates. An IDC survey found more than one third of organizations worldwide have experienced a ransomware attack or breach.
Frank Dickson, program vice president, Cybersecurity Products at IDC said in the survey report, “As the greed of cybermiscreants has been fed, ransomware has evolved in sophistication, moving laterally, elevating privileges, actively evading detection, exfiltrating data, and leveraging multifaceted extortion. Welcome to digital transformation’s dark side!”
Ransomware prevents organizations for accessing their files, systems, or networks until a ransom is paid for the return.
The FBI has issued a warning to not pay a ransom in response to such attacks. Paying a ransom does not guarantee organizations will get all of its data back. Experts also caution ransomware victims are likely to be hit again.
The FBI also recommends filing a report with their Internet Crime Complaint Center (IC3), if your business has been a victim of an internet crime.
Cybercriminals are getting savvier by the day. IT managers should continually review their security and data protections/recovery practices.