‘Double Extortion’ Ransomware Attacks Spike

2020-04-16 10:00

Victims of ransomware attacks now face a double whammy of headaches.

The ransomware tactic, call "Double extortion," first emerged in late 2019 by Maze operators - but has been rapidly adopted over the past few months by various cybercriminals behind the Clop, DoppelPaymer and Sodinokibi ransomware families.

A November 2019 ransomware attack against Allied Universal, a large American security staffing company, set the precedent for "Double extortion." After the company was hit by a Maze ransomware attack, and refused to cough up the 300 Bitcoin ransom, the attackers threatened to use sensitive information extracted from Allied Universal's systems, as well as stolen email and domain name certificates, for a spam campaign impersonating Allied Universal.

Attackers using the Sodinokibi ransomware have created a "Happy Blog" where they have recently published details of ransomware attacks on 13 targets, as well as company information stolen from the targeted organizations.

"With their focus on coronavirus patients, addressing a double extortion ransomware attack would be very difficult. We issue caution to hospitals and large organization, surging them to back up their data and educate their staff."

News URL

https://threatpost.com/double-extortion-ransomware-attacks-spike/154818/

#attack #ransomware #spike

News URL

Related news