Ransomware gang is selling intel to traders to extort victims
The scheme relies on market traders using information about ransomware attacks to short-sell shares and collapse a victim's stock price
Hackers are selling information about their ransomware attacks to stock traders to earn additional income, as well as put pressure on their victims to pay up in order to avoid their stock price collapsing.
The DarkSide ransomware group is liaising with stock traders so they can sell valuable information on their latest corporate victim, according to SC Magazine, with the expectation they’ll use the information to short-sell shares.
The effect of this, should enough short-selling occur, would be to dramatically reduce the victim’s stock price. DarkSide would then exploit this reality to insist the victim pays the ransom fee demanded of them to avoid the share price collapsing any further.
“Now our team and partners encrypt many companies that are trading on NASDAQ and other stock exchanges,” the group posted on the DarkSide Leaks site last week.
“If the company refuses to pay, we are ready to provide information before the publication, so that it would be possible to earn in the reduction price of shares. Write to us in ‘Contact Us’ and we will provide you with detailed information.”
Pursuing this strategy would open up a new revenue stream in the selling of information to traders once an attack has been committed, while also increasing the chances that their initial ransom attempt would succeed.
Mimecast’s head of e-crime, Carl Wearn, has branded this as further evidence of the detrimental effect that ransomware can have on an organisation, with business disruption, a hit to productivity and data loss as the most common consequences.
“But on top of this loss of productivity,” Wearn continued, “ransomware also has financial implications with victims seeing their share price taking a hit. It is therefore unsurprising that many victims pay the ransom demanded and our research shows that 50% of organisations impacted paid the ransom.
“For many organisations, the damage is already done, with the financial impact and the effect on customer trust. The best way to avoid falling victim to ransomware is to implement strong resiliency measures and ensure that employees are properly trained in cyber awareness.”
Methods that cyber criminals deploy to extort their victims, particularly with ransomware strains, is always evolving, with the volume of attacks also surging in recent years. One of the most recent attacks has seen hackers with the REvil group steal confidential data from the Taiwanese firm Quanta Computer, including schematics for Apple devices.
What 2023 will mean for the industry
What do most IT decision makers really think will be the important trends and challenges in the coming year?
Free Download2022 Magic quadrant for Security Information and Event Management (SIEM)
SIEM is evolving into a security platform with multiple features and deployment models
Free Download
Magic quadrant for application performance monitoring and observability
Enabling continuous updating of diverse & dynamic application environments
View Now
