The operators behind the Nemty ransomware set up a data leak site to publish the data of the victims who refuse to pay ransoms.
Nemty ransomware first appeared on the threat landscape in August 2019, the name of the malware comes after the extension it adds to the encrypted file names. The ransomware deletes shadow copies of encrypted files to make in impossible any recovery procedure.
In October 2019, researchers from the security firm Tesorion developed a decryptor tool that works on Nemty versions 1.4 and 1.6, they also announced a working tool for version 1.5.
In February, Nemty ransomware operators announced that they will set up a website to leak the data stolen from
The operators behind the Nemty ransomware have maintained their promise and set up the data leak site following the dangerous trend begun at the end of 2019
BleepingComputer first reported the news citing the malware analyst Damien as source.
This
Other cyber crime gangs adopted the same strategy to force victims to pay the ransom, including DoppelPaymer and Sodinokibi crews.
A few days ago, the operators behind Sodinokibi Ransomware have published the download links to archives containing data allegedly stolen from the US firm Kenneth Cole Productions.
The Sodinokibi ransomware operators claim to have stolen over 70,000 documents with financial and work data, and more than 60,000 records of company customers.
The Sodinokibi gang requested the payment of a ransom and threatens to leak online the full dump containing stolen data in case the company will decide to not meet the request.
The news was first reported by the Under the Breach research group.
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(
[adrotate banner=”5″]
[adrotate banner=”13″]
Share On
