New ransomware scam: Fake “hackers” blackmail companies


In the US, security researchers are drawing attention to a phenomenon that cybercriminals use to cash in: it’s about faking a security incident. Companies are being blackmailed without there having been an actual break-in into their systems.

That reports that Online magazine Bleeping Computer. This is not necessarily a new scam, but a trick that is currently coming to light more and more. The people behind it are known as the Silent Ransom Group, according to security specialists at Kroll.

Companies are confronted with blackmail letters of the kind known from hacker attacks. Strangers threaten to publish company data that they don’t even have. But companies still fall for it in droves.
Infographic Hacking & Cybercrime: The World’s Biggest Data Thefts

Empty threats

Taking advantage of data breaches and ransomware incidents, such extortionists give priority to threatening companies with releasing or selling allegedly stolen data if not paid. Sometimes these cybercriminals also threaten a DDoS attack if their victims do not follow the instructions.

Bleeping Computer also discovered that some of the blackmail letters were a wild mix of different ransomware campaigns and also named different hacker groups as initiators.

It is “a new wave of fake extortion attempts,” write the Kroll analysts in a security report, adding that the names of known cybercriminals are being used to intimidate victims and lend legitimacy to the threat.

“This method is cheap and can easily be performed by low-skilled attackers. Similar to the 419 wire transfer scam, victims are socially engineered by pressuring them to pay by a specified time limit trend will continue indefinitely due to its cost effectiveness and ability to continue to generate revenue for cybercriminals,” Kroll writes.

Previous incidents of fraud known

Kroll has observed such incidents since 2021, but also reports similar threats where non-paying victims then later experienced light DDoS attacks. However, these were low-level DDoS attacks that came with threats of larger attacks if the extortionists were not paid. However, it is still believed that this is a scam that should be ignored. The recommendation is to carefully analyze such emails in order to identify them as “phantom incidents” and dismiss them as empty threats.

Summary

  • Cyber ​​criminals blackmail companies with false reports of security incidents and threaten data disclosure.
  • Blackmailers use well-known names to intimidate victims.
  • Kroll has observed such cases since 2021, low-level DDoS attacks.
  • It is a scam that should be ignored.
  • Analyze emails carefully to identify them as a phantom incident.
  • Recommendation: dismiss empty threats as such.
  • Cyber ​​criminals cash in on cheap scams.

See also:


internet, safety, security

Internet, safety, vulnerability, hacker, security, attack, hack, crime, Trojan, virus, malware, exploit, cybercrime, cybersecurity, hacker attack, hacking, Internet crime, system, hacker attacks, hacker attack, hacking, attack, hacks, crime, Hacked, Pest, Hacked, System Hacked

Share This:

California18

Welcome to California18, your number one source for Breaking News from the World. We’re dedicated to giving you the very best of News.

Leave a Reply