This ransomware gang lets you rummage around their stolen data

News
By published

Gangs want to help other gangs kick off attacks faster

Passwords
Image Credit: Shutterstock (Image credit: Shutterstock)

We appear to have reached the next stage in the evolution of ransomware, as operators now allow people to search through the files stolen from companies that declined to pay up.

Multiple ransomware operators are reportedly now adding the feature to their leak sites - and while some have done a poor job, as their engines didn’t exactly work as intended, others appear to have successfully pulled it off.

In the case of BlackCat (AKA ALPHV), not only does the search engine work, but the files were also indexed, allowing visitors to search by specific keywords or file types, making it easier for other cybercriminals to find sensitive data, and possibly attack other firms with malware and ransomware, as well.

Finding passwords faster

LockBit is another threat actor that introduced the same functionality to its website, and although it’s not as advanced as BlackCat’s, it still works relatively well. Karakurt’s search engine, however, was shown as malfunctioning. 

By allowing victims, other threat actors, and anyone else, to quickly and easily go through terabytes of stolen data, ransomware operators want to exert additional pressure on the victim, to have them pay the ransom. 

If the victim’s client, or customer, sees their data exposed to the public in this way, they might try and persuade them to pay the ransom and have that data removed from the web as soon as possible.

Read more

> Here's how to protect your online identities from theft

> One of the most dastardly ransomware strains has received a Rust-flavored upgrade

> Cybersecurity watchdog asks lawyers for help in the fight against ransomware

This is just another step, in a long line of moves cybercriminals have been pulling, since the inception of ransomware, all with the goal of incentivizing payment. 

In the early days, when businesses declined to pay up, threat actors started both encrypting and stealing data, threatening to release it to the public. 

When that, too, failed to convince the victims, they started bullying them with phone calls and threatening emails. In some cases, ransomware attacks are also followed up with distributed denial of service (DDoS) attacks, clogging the front-end with bogus traffic, and paralyzing the business both from the customer-facing side, as well as from the back-office. 

  • Protect your networks from bogus traffic with the best firewalls around

Via: BleepingComputer

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
AWS S3 feature abused by ransomware hackers to encrypt storage buckets
Concept art representing cybersecurity principles
How to combat exfiltration-based extortion attacks
ransomware avast
Hackers spotted using unsecured webcam to launch cyberattack
Image of laptop infected with malware
Ransomware criminals are now sending their demands...by snail mail?
Lock on Laptop Screen
Clop ransomware lists Cleo cyberattack victims
A group of 7 hackers, 6 slightly blurred in the background and one in the foreground, all wearing black with hoods pulled up over their heads. You cannot see their faces. The hacker in the foreground sits with an open laptop in front of them. The background, behind the hackers, is a Chinese flag
China government-linked hackers caught running a seriously dangerous ransomware scam
Latest in Security
A man holds a smartphone iPhone screen showing various social media apps including YouTube, TikTok, Facebook, Threads, Instagram and X
A worrying Apple Password App vulnerability reportedlyleft users exposed for months
DeepSeek
Fake DeepSeek installers are infecting your device with dangerous malware
AI tools.
Not even fairy tales are safe - researchers weaponise bedtime stories to jailbreak AI chatbots and create malware
Data leak
Top California sperm bank suffers embarrassing leak
An Android phone being held in the hand
These malicious Android apps were installed over 60 million times - here's how to stay safe
ransomware avast
Billions of credentials were stolen from businesses around the world in 2024
Latest in News
A man holds a smartphone iPhone screen showing various social media apps including YouTube, TikTok, Facebook, Threads, Instagram and X
A worrying Apple Password App vulnerability reportedlyleft users exposed for months
Google Pixel 9a
Google is delaying the Pixel 9a to fix a mystery “component quality issue”
The bottom left corner of an Android phone, showing the Phone, Messages, Google icons and Google Search bar
Google Messages remote delete will soon save you from texting embarrassment – and here's how it works
ExpressVPN mobile app and Aircove
ExpressVPN ‘reduces workforce’ for the second time in two years
The Nanoleaf PC Screen Mirror Lightstrip being used on a desktop computer.
Mac gaming could get an intriguing boost – but not in the way you'd expect
Snapdragon G Series
Qualcomm poised to muscle in on AMD's territory with powerful gaming handheld processors
More about security
A man holds a smartphone iPhone screen showing various social media apps including YouTube, TikTok, Facebook, Threads, Instagram and X

A worrying Apple Password App vulnerability reportedlyleft users exposed for months
DeepSeek

Fake DeepSeek installers are infecting your device with dangerous malware
Elecom 9,000mAh sodium-ion battery

This is the world's first sodium-ion mobile battery, a game changer in environmental sustainability, but it's not cheap
See more latest
Most Popular
Elecom 9,000mAh sodium-ion battery
This is the world's first sodium-ion mobile battery, a game changer in environmental sustainability, but it's not cheap
The bottom left corner of an Android phone, showing the Phone, Messages, Google icons and Google Search bar
Google Messages remote delete will soon save you from texting embarrassment – and here's how it works
Data center server room lit with green lights
Microsoft is MIA as Amazon, Meta, Google and others join consortium to triple nuclear energy output by 2050
Thrustmaster Sol-R flight stick
Thrustmaster announces the Sol-R 1 and Sol-R 2 HOSAS flight sticks designed for space sims like Elite Dangerous
Image of AC Shadows cover art & Steam Deck
It's not perfect, but Assassin's Creed Shadows' performance is impressive - it runs smoothly on the Steam Deck and Asus ROG Ally
Google Pixel 9a
Google is delaying the Pixel 9a to fix a mystery “component quality issue”
A man holds a smartphone iPhone screen showing various social media apps including YouTube, TikTok, Facebook, Threads, Instagram and X
A worrying Apple Password App vulnerability reportedlyleft users exposed for months
DeepSeek
Fake DeepSeek installers are infecting your device with dangerous malware
The new KontrolFreek Call of Duty Performance Thumbsticks on a purple background.
Exclusive: the new KontrolFreek Call of Duty Performance Thumbsticks Speed Cola Edition might be the coolest looking yet and come with a limited in-game item
David running in the desert in House of David.
Prime Video’s hit new historical drama will continue its reign for another season as House of David gets renewed