Security News > 2022 > June > US govt: Paying Karakurt extortion ransoms won’t stop data leaks
Several U.S. federal agencies warned organizations today against paying ransom demands made by the Karakurt gang since that will not prevent their stolen data from being sold to others.
Karakurt, the data extortion arm of the Conti ransomware gang and cybercrime syndicate, is focused on stealing data from companies since at least June 2021 and forcing them into paying ransoms under the threat of publishing the information online.
After stealing their victims' data, Karakurt demands ransoms ranging from $25,000 to $13 million worth of Bitcoin that must be paid within a week.
The extortion gang is pressing victims into paying the data extortion ransom by harassing their business partners, clients, and employees via email and phone calls prodding them to ask for negotiations to prevent data leaks.
"Although Karakurt's primary extortion leverage is a promise to delete stolen data and keep the incident confidential, some victims reported Karakurt actors did not maintain the confidentiality of victim information after a ransom was paid," the FBI, CISA, U.S. Department of Treasury, and FinCEN said in a joint advisory.
In some instances, Karakurt actors claimed to steal volumes of data far beyond the storage capacity of compromised systems or claimed to steal data that did not belong to the victim."
News URL
Related news
- Ransom Cartel, Reveton ransomware owner arrested, charged in US (source)
- Toyota confirms breach after stolen data leaks on hacking forum (source)
- Brain Cipher claims attack on Olympic venue, promises 300 GB data leak (source)
- Thousands of orgs at risk of knowledge base data leaks via ServiceNow misconfigurations (source)
- A data leak and a data breach (source)