Clop ransomware operators are switching to a new tactic to force victims into paying the ransom by emailing their customers and asking them to demand a ransom payment to protect their privacy.
The new technique aims at making the double-extortion tactic more efficient, crooks sent emails directly to victims’ customers found in documents stolen during the ransomware attack.
According to BleepingComputer, the first victim threatened with this new tactic was Flagstar Bank followed by the University of Colorado.
“In an email seen by BleepignComputer, Clop is now using the same tactic to the customers of an online maternity clothing store, which will not be naming.” reported BleepingComputer. “In these emails, Clop is sending customers threatening emails with the subject “Your personal data has been stolen and will be published.”
Clop ransomware operators invited the victim’s customer to contact the victim and ask it protect their privacy by paying the ransomware.
Ransomware operators continue to evolve their tactics, recently the REvil ransomware gang announced that they are using DDoS attacks and voice calls to the victim’s business partners and journalists to force the victims into pay the ransom.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
(SecurityAffairs – hacking, Clop Ransomware)