New Ransomware Tactic: Pay Us or the World Sees Your Keys

New Ransomware Tactic: Pay Us or the World Sees Your Keys 1

The creators of Maze Ransomware have added a new wrinkle to the typical hacker’s MO. Instead of quietly infecting and requesting ransom from victims, the so-called Maze team is publicly exposing victims by displaying real files exfiltrated from their hacked servers.

This tactic could be a disaster for crypto companies that may have put private keys or other important financial data into their private archives, should they be breached.

“Represented here companies don’t wish to cooperate with us, and trying to hide our successful attack on their resources. Wait for their databases and private papers here,” write the hackers on their public website, “Follow the news!”

Companies that have already been hit by the group include a grocery chain, Busch’s Inc., in Ann Arbor, Mich., and a lawn and garden company, Massey Services, in Florida. We’ve reached out to the alleged Maze victims; many have already made public information about the hacks on their websites.

Another group, called REvil, promises to release for free or sell vital company information to competitors if its ransom is not paid. The hackers wrote:

Each attack includes a copy of private, commercial information. In case they refuse to pay, the data will either be sold to competitors or posted on open sources. We’re interested in seeing how the GDPR [General Data Protection Regulation] authorities react. If they do not want to pay us they can pay 10 times more to the government. No problem.

Translated by CoinDesk

“For years, ransomware developers and affiliates have been telling victims that they must pay the ransom or stolen data would be publicly released,” said Lawrence Abrams, ransomware researcher at BleepingComputer. “While it has been a well-known secret that ransomware actors snoop through victim’s data, and in many cases steal it before the data [are] encrypted, they never actually carried out their threats of releasing it.”

“This is especially ghastly news for companies that may already face steep fines and other penalties for failing to report breaches and safeguard their customers’ data. For example, healthcare providers are required to report ransomware incidents to the U.S. Department of Health and Human Services, which often documents breaches involving lost or stolen healthcare data on its own site,” wrote security researcher Brian Krebs.

A list of invoices is one thing; publicizing the keys to a company’s crypto accounts are another thing entirely. Given the amount of data involved, there’s no telling what valuable information could be lurking amid a company’s paperwork.

One victim was quick to publicly react to a Dec. 9 attack.

“As early as Tuesday morning [Dec. 10], we began bringing key business systems back online, prioritizing manufacturing and logistics functions that enable us to make and ship quality products to our customers,” wrote Rich Stinson CEO of manufacturer SouthWire. “We are working diligently with our cybersecurity partner to understand the facts behind this event, resolve this disruption and resume normal business operations as quickly as possible.”

Disclosure Read More

The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.

About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

E-Crypto News Executive Interviews

Crypto Scams

Beanstalk Farms Loses $80M In A Massive DeFi Governance Flash-Loan Hack
Beanstalk Farms Loses $80M In A Massive DeFi Governance Flash-Loan Hack
April 23, 2022
Joon Pak Head of Crypto at Prove talks to Us about Crypto Fraud And More
April 11, 2022
Mintable CEO Zach Burks Talks to Us about the Opensea Stolen NFTs and Their Recovery
March 21, 2022
Crypto Crime
Crypto Crime Surges To Record Highs As Thieves Follow Market Buzz – Chainalysis 2022 Report
February 24, 2022
Bots Circumvent 2FA Login At Coinbase And Other Crypto Exchanges In 2022
Bots Have Circumvented 2FA Logins At Coinbase And Other Crypto Exchanges In 2022
February 17, 2022

Automated trading with HaasBot Crypto Trading Bots

Blockchain/Cryptocurrency Questions and Answers

Roundtable Interview-What is the Effect of The Russia-Ukraine War on Cryptocurrency Prices?
March 4, 2022
How Does Bitcoin Casino Work + 2021 Beginner’s Guide
November 8, 2021
How to Buy and Sell Cryptocurrency
November 8, 2021
What Are Bitcoin Futures And How Will They Work In 2022?
November 4, 2021
The Unconventional Guide to Ethereum
October 28, 2021

CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin29,769 0.29 % 0.54 % 2.40 %
Ethereum1,962.9 0.31 % 1.03 % 6.32 %
Tether0.9995 0.04 % 0.04 % 0.11 %
BNB328.57 0.18 % 0.12 % 7.19 %
USD Coin0.9989 0.16 % 0.08 % 0.04 %
XRP0.4082 0.10 % 0.41 % 7.05 %
Binance USD0.9975 0.35 % 0.35 % 0.39 %
Cardano0.9566 0.22 % 0.68 % 6.96 %
Solana48.58 0.41 % 1.98 % 15.39 %
Polkadot9.980 0.49 % 1.93 % 9.76 %

Bitcoin (BTC) $ 29,808.00
Ethereum (ETH) $ 1,963.91
Tether (USDT) $ 1.00
BNB (BNB) $ 328.21
USD Coin (USDC) $ 1.00
XRP (XRP) $ 0.407111
Binance USD (BUSD) $ 0.999632
Cardano (ADA) $ 0.516339
Solana (SOL) $ 48.52
Polkadot (DOT) $ 9.98