Hackers are selling information about their ransomware attacks to stock traders to earn additional income, as well as put pressure on their victims to pay up in order to avoid their stock price collapsing.
The DarkSide ransomware group is liaising with stock traders so they can sell valuable information on their latest corporate victim, according to SC Magazine, with the expectation they’ll use the information to short-sell shares.
The effect of this, should enough short-selling occur, would be to dramatically reduce the victim’s stock price. DarkSide would then exploit this reality to insist the victim pays the ransom fee demanded of them to avoid the share price collapsing any further.
“Now our team and partners encrypt many companies that are trading on NASDAQ and other stock exchanges,” the group posted on the DarkSide Leaks site last week.
“If the company refuses to pay, we are ready to provide information before the publication, so that it would be possible to earn in the reduction price of shares. Write to us in ‘Contact Us’ and we will provide you with detailed information.”
Pursuing this strategy would open up a new revenue stream in the selling of information to traders once an attack has been committed, while also increasing the chances that their initial ransom attempt would succeed.
Mimecast’s head of e-crime, Carl Wearn, has branded this as further evidence of the detrimental effect that ransomware can have on an organisation, with business disruption, a hit to productivity and data loss as the most common consequences.
“But on top of this loss of productivity,” Wearn continued, “ransomware also has financial implications with victims seeing their share price taking a hit. It is therefore unsurprising that many victims pay the ransom demanded and our research shows that 50% of organisations impacted paid the ransom.
RELATED RESOURCE
“For many organisations, the damage is already done, with the financial impact and the effect on customer trust. The best way to avoid falling victim to ransomware is to implement strong resiliency measures and ensure that employees are properly trained in cyber awareness.”
Methods that cyber criminals deploy to extort their victims, particularly with ransomware strains, is always evolving, with the volume of attacks also surging in recent years. One of the most recent attacks has seen hackers with the REvil group steal confidential data from the Taiwanese firm Quanta Computer, including schematics for Apple devices.
-
AI coding tools are booming – and developers in this one country are by far the most frequent usersNews AI coding tools are soaring in popularity worldwide, but developers in one particular country are among the most frequent users.
-
Cisco warns of critical flaw in Unified Communications Manager – so you better patch nowNews While the bug doesn't appear to have been exploited in the wild, Cisco customers are advised to move fast to apply a patch
-
A prolific ransomware group says it’s shutting down and giving out free decryption keys to victims – but cyber experts warn it's not exactly a 'gesture of goodwill'News The Hunters International ransomware group is rebranding and switching tactics
-
Swiss government data published following supply chain attack – here’s what we know about the culpritsNews Radix, a non-profit organization in the health promotion sector, supplies a number of federal offices, whose data has apparently been accessed.
-
Ransomware victims are getting better at haggling with hackersNews While nearly half of companies paid a ransom to get their data back last year, victims are taking an increasingly hard line with hackers to strike fair deals.
-
LockBit data dump reveals a treasure trove of intel on the notorious hacker groupNews An analysis of May's SQL database dump shows how much LockBit was really making
-
‘I take pleasure in thinking I can rid society of at least some of them’: A cyber vigilante is dumping information on notorious ransomware criminals – and security experts say police will be keeping close tabsNews An anonymous whistleblower has released large amounts of data allegedly linked to the ransomware gangs
-
It's been a bad week for ransomware operatorsNews A host of ransomware strains have been neutralized, servers seized, and key players indicted
-
Everything we know about the Peter Green Chilled cyber attackNews A ransomware attack on the chilled food distributor highlights the supply chain risks within the retail sector
-
Scattered Spider: Who are the alleged hackers behind the M&S cyber attack?News The Scattered Spider group has been highly active in recent years
