Ransomware Gangs That Steal Your Data Don't Always Delete It (zdnet.com) 28
Ransomware gangs that steal a company's data and then get paid a ransom fee to delete it don't always follow through on their promise. From a report: The number of cases where something like this has happened has increased, according to a report published by Coveware this week and according to several incidents shared by security researchers with ZDNet researchers over the past few months. These incidents take place only for a certain category of ransomware attacks -- namely those carried out by "big-game hunters" or "human-operated" ransomware gangs. These two terms refer to incidents where a ransomware gang specifically targets enterprise or government networks, knowing that once infected, these victims can't afford prolonged downtimes and will likely agree to huge payouts. But since the fall of 2019, more and more ransomware gangs began stealing large troves of files from the hacked organizations before encrypting the victims' files. The idea was to threaten the victim to release its sensitive files online if the company wanted to restore its network from backups instead of paying for a decryption key to recover its files.
There's a surprise (Score:2)
It always amuses me when Hollywood tries to modernize the trope of the extortionist "handing over the negatives" by replacing negatives with "flash drives" or "memory cards" and we're supposed to believe they haven't made copies of the data.
While it's true even negatives could have been copied, the reality is that unless you had your own photo lab you weren't going to be duplicating compromising photos at the corner photo lab.
Re: (Score:3)
Has any extortionist working with incriminating documents ever not kept copies? I mean the case-history that they all do probably goes back father than recorded history.
Since at least Ezekiel (Score:2)
> I mean the case-history that they all do probably goes back father than recorded history.
Indeed. It's mentioned in Ezekial (500 bc), so that's pretty close to "farther than recorded history".
Re: (Score:2)
Impressive. Than you!
Re: (Score:2)
I just assumed they kept copies; to think otherwise seems a bit naive.
I mean, are we supposed to take them at their word? lol
Re: (Score:2)
Has any extortionist working with incriminating documents ever not kept copies? I mean the case-history that they all do probably goes back father than recorded history.
Yes indeed. Even in the middle ages there's recorded cases of extortionists making copies of the preliminary sketches.
Re: (Score:2)
Honestly, it didn't even make much sense with "handing over the negatives" since making a new usable master from the negatives isn't all that difficult.
Re:There's a surprise (Score:4, Insightful)
What? You mean you can't trust criminals to keep their word? That's just crazy talk!
>While it's true even negatives could have been copied, the reality is that unless you had your own photo lab you weren't going to be duplicating compromising photos at the corner photo lab.
Unless of course you photocopied them, or took a photo of them with an instant camera. Paying blackmail has always been an exercise in optimistic thinking.
Re: There's a surprise (Score:2)
Or a run of the mill slide projector and a basic camera. No photo lab required. In an emergency, all you would need to duplicate already processed film would be a flashlight and a second camera. Not pretty but could get the job done well enough.
Re: (Score:2)
I guess I'm thinking of the most common use of the trope in movies where the "incriminating evidence" is too hot to have commercially duplicated and the nature/circumstances of the blackmailer is such that they don't really have the wherewithal to make a copy.
Obviously a determined, capable or highly motivated person would find a way, but often at least in the movies the blackmailer is kind of under duress and not exactly capable.
Always have a backup plan. (Score:2)
These guys are real pros.
Captain Obvious (Score:5, Insightful)
Re: (Score:3)
I'm going to borrow a joke from a thread earlier today and hand the broadcast over to our woodland ursine correspondent for, ahem, a news dump.
Re: (Score:2)
I'm surprised this revelation didn't dominate the front page instead of that election thing or whatever
Who do you trust (Score:2)
If you can't trust criminals who are you supposed to trust ? Possibly The Joker.
Holy crap... (Score:2)
You mean people who steal data and then extort money from you aren't always honest? Like damn near EVERY extortionist, EVER?
Looking at the article, it's pretty clear that absolutely no one is surprised by this. I think the point is to get people in the decision loops on these things to understand that they aren't going to be able to buy their way out of a problem and should hire the authoring firm.
Hold... the... phone... (Score:2)
Ransomware Gangs That Steal Your Data Don't Always Delete It
Thieves can be dishonest?
Oh no! (Score:2)
NO! (Score:2)
The criminals that blackmailed you weren't completely honest?
Shocking.
Duh (Score:2)
No-honor criminals do not honor their promises? What a surprise...
Shocking news (Score:2)
Crooks will lie to you.
What? (Score:2)
Next you'll say, that kidnappers do not always return their victims?
That blackmailers don't really delete the photos?
Dane-Geld (Score:5, Interesting)
And that is called paying the Dane-geld;
But we've proved it again and again,
That if once you have paid him the Dane-geld
You never get rid of the Dane.
- Rudyard Kipling
Dane-Geld, A.D. 980-1016
Re: (Score:2)
Yah. Basically it's a protection racket.
Wait wait (Score:2)
"Ransomware Gangs That Steal Your Data Don't Always Delete It"
Wait, you mean that bad guys who stole your shit and encrypted it are actually BAD? *mind blown*
MICROS~1 strikes again .. (Score:1)