Ransomware gang is selling intel to traders to extort victims

Hackers are selling information about their ransomware attacks to stock traders to earn additional income, as well as put pressure on their victims to pay up in order to avoid their stock price collapsing.

The DarkSide ransomware group is liaising with stock traders so they can sell valuable information on their latest corporate victim, according to SC Magazine, with the expectation they’ll use the information to short-sell shares.

The effect of this, should enough short-selling occur, would be to dramatically reduce the victim’s stock price. DarkSide would then exploit this reality to insist the victim pays the ransom fee demanded of them to avoid the share price collapsing any further.

“Now our team and partners encrypt many companies that are trading on NASDAQ and other stock exchanges,” the group posted on the DarkSide Leaks site last week.

“If the company refuses to pay, we are ready to provide information before the publication, so that it would be possible to earn in the reduction price of shares. Write to us in ‘Contact Us’ and we will provide you with detailed information.”

Pursuing this strategy would open up a new revenue stream in the selling of information to traders once an attack has been committed, while also increasing the chances that their initial ransom attempt would succeed.

Mimecast’s head of e-crime, Carl Wearn, has branded this as further evidence of the detrimental effect that ransomware can have on an organisation, with business disruption, a hit to productivity and data loss as the most common consequences.

“But on top of this loss of productivity,” Wearn continued, “ransomware also has financial implications with victims seeing their share price taking a hit. It is therefore unsurprising that many victims pay the ransom demanded and our research shows that 50% of organisations impacted paid the ransom.

“For many organisations, the damage is already done, with the financial impact and the effect on customer trust. The best way to avoid falling victim to ransomware is to implement strong resiliency measures and ensure that employees are properly trained in cyber awareness.”

Methods that cyber criminals deploy to extort their victims, particularly with ransomware strains, is always evolving, with the volume of attacks also surging in recent years. One of the most recent attacks has seen hackers with the REvil group steal confidential data from the Taiwanese firm Quanta Computer, including schematics for Apple devices.