Trend Alert: Cybercriminals Now Threatening to Delete Data of Victims

Ransomware gangs are now threating victims that they’ll “burn your data if you get a negotiator.”
Published: September 24, 2021

A new trend among cybercriminals is to threaten to delete victims’ data if they call in a professional mediator to help lower prices for decrypter tools.

Cybercriminal gang Grief Corp warned its victims it would instantly delete data if they engaged with a mediator.

In a statement posted to its Tor-hosted blog, Grief Corp said, “We wanna play a game. If we see professional negotiator from Recovery Company™ – we will just destroy the data. Recovery Company™ as we mentioned [earlier] will get paid either way.”

Shortly after, rival ransomware group RagnorLocker made a similar threat, according to The Register.

——Article Continues Below——

Get the latest industry news and research delivered directly to your inbox.

Cybercriminals are employing malicious software or malware at unprecedented rates. An IDC survey found more than one third of organizations worldwide have experienced a ransomware attack or breach.

Frank Dickson, program vice president, Cybersecurity Products at IDC said in the survey report, “As the greed of cybermiscreants has been fed, ransomware has evolved in sophistication, moving laterally, elevating privileges, actively evading detection, exfiltrating data, and leveraging multifaceted extortion. Welcome to digital transformation’s dark side!”

Ransomware prevents organizations for accessing their files, systems or networks until a ransom is paid for the return.

The FBI has issued a warning to not pay a ransom in response to such attacks. Paying a ransom does not guarantee organizations will get all of their data back. Experts also caution ransomware victims are likely to be hit again.

If your organization is hit by with ransomware, you can contact a local FBI field office to request assistance or submit a tip online.

The FBI also recommends filing a report with their Internet Crime Complaint Center (IC3), if your organization has been a victim of an internet crime.

Cybercriminals are getting savvier by the day. IT managers should continually review their security and data protections/recovery practices.


This article originally appeared in CS sister publication MyTechDecisions.com and had been edited. Zachary Comeau is TD’s web editor. 

ADVERTISEMENT
ADVERTISEMENT
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series