
SnapMC hackers skip file encryption and just steal your files
2021-10-12 12:43

A new actor tracked as SnapMC has emerged in the cybercrime space, performing the typical data-stealing extortion that underpins ransomware operations, but without doing the file encryption part.

File encryption is considered a core component of ransomware attacks, as it's the very element that brings operational disruption to the victim.

Data exfiltration for purposes of double extortion came later as an additional form of leverage against a victim, but always took a back seat to the mayhem caused by an encrypted network.

The actors use SQL database export scripts to steal the data, and the CSV files are compressed with the 7zip archive utility prior to exfiltration.
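
A defender-side check for the staging step described above, as an added example that is not from the original article: it scans process-creation events for 7-Zip "add" commands whose inputs are CSV files. The event tuples, host names and paths are constructed sample data, and the function names are hypothetical.

```python
import ntpath
import shlex

# 7-Zip command-line binaries (full console build and standalone builds).
SEVENZIP_BINARIES = {"7z", "7z.exe", "7za", "7za.exe", "7zr", "7zr.exe"}

# Constructed process-creation events (host, command line); not real telemetry.
SAMPLE_EVENTS = [
    ("db01", r'"C:\Program Files\7-Zip\7z.exe" a -mx9 C:\Temp\out.7z C:\Temp\export\*.csv'),
    ("db01", r'C:\Tools\7za.exe a D:\stage\dump.7z D:\stage\customers.csv D:\stage\orders.CSV'),
    ("ws17", r'"C:\Program Files\7-Zip\7z.exe" x C:\Users\amy\Downloads\report.7z'),
    ("ws17", r'"C:\Program Files\7-Zip\7z.exe" a C:\Users\amy\photos.7z C:\Users\amy\Pictures'),
    ("db01", r'C:\Windows\System32\notepad.exe C:\Temp\export\customers.csv'),
]

def csv_archive_inputs(command_line):
    """Return the CSV paths a 7-Zip 'add' command would archive, else []."""
    try:
        # posix=False keeps Windows backslashes intact; quotes are stripped below.
        argv = shlex.split(command_line, posix=False)
    except ValueError:  # unbalanced quotes: treat as unparseable, no alert
        return []
    argv = [a.strip('"') for a in argv]
    if not argv or ntpath.basename(argv[0]).lower() not in SEVENZIP_BINARIES:
        return []
    # Drop switches (-mx9, -p...) so the positionals are: command, archive, inputs.
    positional = [a for a in argv[1:] if not a.startswith("-")]
    if len(positional) < 3 or positional[0].lower() != "a":
        return []
    return [p for p in positional[2:] if p.lower().endswith(".csv")]

def find_csv_archiving(events):
    """Return (host, csv_inputs) for every event that archives CSV files."""
    return [(host, hits) for host, cmd in events if (hits := csv_archive_inputs(cmd))]

if __name__ == "__main__":
    for host, hits in find_csv_archiving(SAMPLE_EVENTS):
        print(f"ALERT {host}: 7-Zip archiving CSV data: {hits}")
```

The check only sees CSV files named on the command line, so an archive built from a whole directory of exports would need a separate rule on the directory contents.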

In data exfiltration extortion attacks, meeting the threat actor's demands by paying a ransom guarantees nothing.

In past negotiation cases, victims have paid a ransom and their data was still leaked, or no proof of deletion was ever provided.


News URL

https://www.bleepingcomputer.com/news/security/snapmc-hackers-skip-file-encryption-and-just-steal-your-files/