The Darkside ransomware operators are stepping up their extortion tactics targeting companies that are listed on NASDAQ or other stock markets with a new technique.
The group announced with a message on their leak side that they will provide information stolen from these companies before the publication, so that it would be possible to earn in the reduction price of shares.
The ransomware gang aims at making pressure on the companies threatening them to leak information that could have a negative impact on their stock price, making it possible to traders to make a profit from the fall of the stock prices.
This is an unprecedented tactic in the cybercrime ecosystem.
However, the announcement also serves as an indirect method to threaten hacked companies that not paying the ransom demand could result in negative press large enough to impact their market listings and enough to push some victims into paying the asked ransom.
The ransomware gangs continue to evolve their tactics to force the victims into paying the ransom, we have observed multiple layers of extortion.
Initially, Maze operators started leaking the stolen data on their leak sites in a double model of extortion. Recently other gangs started offering to their network of affiliates cold-calls and DDoS attacks to threaten victims. threatened companies that they’d notify journalists about their security breaches
Some groups are attempting to make pressure on the victims by asking their customers to invite the company to pay the ransom demand and avoid having the customers’ data leaked online.
All of these tactics are usually deployed once ransomware gangs learn that a company whose data they stole and/or encrypted does not plan to pay the demanded ransom fee.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
(SecurityAffairs – hacking, Darkside ransomware)