Home GDPR #Privacy: Nemty ransomware will start leaking stolen data
GDPR - January 14, 2020

#Privacy: Nemty ransomware will start leaking stolen data

Nemty Ransomware has announced plans it will create a blog to publish stolen data from ransomware victims who refuse to pay the ransom. 

Sodinokibi and Maze Ransomware are using a new tactic whereby files are stolen from organisations before encrypting them.

If the victim refuses to pay the ransom, then the stolen data is slowly leaked little-by-little until the ransom has been paid. 

The thought process behind this is that organisations may choose to pay the ransom if it costs less than the financial penalties, data breach notification costs, loss of trade and potential lawsuits for exposing personal data. 

A recent ‘News” post from the Nemty Ransomware affiliate panel, shared with BleepingComputer shows plans to create a website where they will leak the stolen data if the ransom is not paid. 

“Nemty is already configured for network attacks with a builder mode that is used to create executables that target an entire network rather than individual computers,” explained BleepingComputer.

“According to this mode, the created ransomware executables are “only for corporations”. This means there will be one key used to decrypt all the devices in the network and victims will not be able to decrypt individual machines.”

If this new extortion method is successful, threat actors will start adopting this new tactic, which will not just negatively impact organisations, but also allow for personal and third-party information to be disclosed to anyone. 

The post #Privacy: Nemty ransomware will start leaking stolen data appeared first on PrivSec Report.


Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Check Also

EC launches public consultation on cybersecurity

The European Commission (EC) is seeking the views of interested parties on its 2016 direct…