Security News > 2020 > April > ‘Double Extortion’ Ransomware Attacks Spike
Victims of ransomware attacks now face a double whammy of headaches.
The ransomware tactic, call "Double extortion," first emerged in late 2019 by Maze operators - but has been rapidly adopted over the past few months by various cybercriminals behind the Clop, DoppelPaymer and Sodinokibi ransomware families.
A November 2019 ransomware attack against Allied Universal, a large American security staffing company, set the precedent for "Double extortion." After the company was hit by a Maze ransomware attack, and refused to cough up the 300 Bitcoin ransom, the attackers threatened to use sensitive information extracted from Allied Universal's systems, as well as stolen email and domain name certificates, for a spam campaign impersonating Allied Universal.
Attackers using the Sodinokibi ransomware have created a "Happy Blog" where they have recently published details of ransomware attacks on 13 targets, as well as company information stolen from the targeted organizations.
"With their focus on coronavirus patients, addressing a double extortion ransomware attack would be very difficult. We issue caution to hospitals and large organization, surging them to back up their data and educate their staff."
News URL
https://threatpost.com/double-extortion-ransomware-attacks-spike/154818/
Related news
- Jackson County in state of emergency after ransomware attack (source)
- Panera Bread week-long IT outage caused by ransomware attack (source)
- The Week in Ransomware - April 5th 2024 - Virtual Machines under Attack (source)
- How can the energy sector bolster its resilience to ransomware attacks? (source)
- The Drop in Ransomware Attacks in 2024 and What it Means (source)
- Change Healthcare faces second ransomware dilemma weeks after ALPHV attack (source)
- Daixin ransomware gang claims attack on Omni Hotels (source)
- Change Healthcare’s ransomware attack costs edge toward $1B so far (source)
- United Nations agency investigates ransomware attack, data theft (source)
- The Week in Ransomware - April 19th 2024 - Attacks Ramp Up (source)