Ransomware Attackers’ New Tactic: Double Extortion


Need another reason to defend against ransomware up front, rather than ending up searching for an alternative to paying the ransom? Double extortion may be it.


So, what is double extortion? When did it start? With this tactic, ransomware actors steal a victim’s data before their malware strain activates its encryption routine. They then have the option of demanding two ransoms. The first is for the provision of a decryption utility. The second is for verbal confirmation that they have deleted the victim’s data from their servers. They can also leverage that data theft to pressure victims, even those that have a robust data backup strategy.


A Look Back at Double Extortion


In November 2019, the Maze gang struck a security staffing firm. Bleeping Computer received an email from someone who claimed to be a member of the Maze Crew. It informed the computer self-help website that they had breached the security staffing firm and stolen some of their data.


“If they don’t begin sending requested money until next Friday we will begin releasing on public everything that we have downloaded from their network before running Maze [sic],” the individual explained.


The security staffing firm missed its deadline to pay. So, the Maze ransomware group published 700 MB worth of its data. The threat actors told Bleeping Computer that the leak represented about 10% of the total number of stolen files. As such, the attackers threatened to release the rest of them if the victim continued to refuse to pay.


The use of double extortion picked up from there. For its part, Maze helped some ransomw ..
