Hackers are selling information about their ransomware attacks to stock traders to earn additional income, as well as put pressure on their victims to pay up in order to avoid their stock price collapsing.
The DarkSide ransomware group is liaising with stock traders so they can sell valuable information on their latest corporate victim, according to SC Magazine, with the expectation they’ll use the information to short-sell shares.
The effect of this, should enough short-selling occur, would be to dramatically reduce the victim’s stock price. DarkSide would then exploit this reality to insist the victim pays the ransom fee demanded of them to avoid the share price collapsing any further.
“Now our team and partners encrypt many companies that are trading on NASDAQ and other stock exchanges,” the group posted on the DarkSide Leaks site last week.
“If the company refuses to pay, we are ready to provide information before the publication, so that it would be possible to earn in the reduction price of shares. Write to us in ‘Contact Us’ and we will provide you with detailed information.”
Pursuing this strategy would open up a new revenue stream in the selling of information to traders once an attack has been committed, while also increasing the chances that their initial ransom attempt would succeed.
Mimecast’s head of e-crime, Carl Wearn, has branded this as further evidence of the detrimental effect that ransomware can have on an organisation, with business disruption, a hit to productivity and data loss as the most common consequences.
“But on top of this loss of productivity,” Wearn continued, “ransomware also has financial implications with victims seeing their share price taking a hit. It is therefore unsurprising that many victims pay the ransom demanded and our research shows that 50% of organisations impacted paid the ransom.
RELATED RESOURCE
“For many organisations, the damage is already done, with the financial impact and the effect on customer trust. The best way to avoid falling victim to ransomware is to implement strong resiliency measures and ensure that employees are properly trained in cyber awareness.”
Methods that cyber criminals deploy to extort their victims, particularly with ransomware strains, is always evolving, with the volume of attacks also surging in recent years. One of the most recent attacks has seen hackers with the REvil group steal confidential data from the Taiwanese firm Quanta Computer, including schematics for Apple devices.
-
Apple just released an emergency patch for a zero-day exploited in the wildNews Apple is warning millions of users of iPhones, iPads and Macs to update their software to protect against an out-of-bounds write vulnerability
-
Google's new Jules coding agent is free to use for anyone – and it just got a big update to prevent bad code outputNews Jules came out of beta and launched publicly earlier this month, but it's already had a big update aimed at improving code quality and safety.
-
Average ransom payment doubles in a single quarterNews Targeted social engineering and data exfiltration have become the biggest tactics as three major ransomware groups dominate
-
BlackSuit ransomware gang taken down in latest law enforcement sting – but members have already formed a new groupNews The notorious gang has seen its servers taken down and bitcoin seized, but may have morphed into a new group called Chaos
-
Google cyber researchers were tracking the ShinyHunters group’s Salesforce attacks – then realized they’d also fallen victimNews In an update to an investigation on the ShinyHunters group, Google revealed it had also been affected
-
Nearly one-third of ransomware victims are hit multiple times, even after paying hackersNews Many ransomware victims are being hit more than once, largely thanks to fragmented security tactics
-
75% of UK business leaders are willing to risk criminal penalties to pay ransomsNews A ransom payment ban is a great idea - until you're the one being targeted...
-
The Scattered Spider ransomware group is infiltrating Slack and Microsoft Teams to target vulnerable employeesNews The group is using new ransomware variants and new social engineering techniques - including sneaking into corporate teleconferences
-
Hackers breached a 158 year old company by guessing an employee password – experts say it’s a ‘pertinent reminder’ of the devastating impact of cyber crimeNews A Panorama documentary exposed hackers' techniques and talked to the teams trying to tackle them
-
The ransomware boom shows no signs of letting up – and these groups are causing the most chaos
News Thousands of ransomware cases have already been posted on the dark web this year
