HomesecurityConti ransomware: Another gang created a leak site

Conti ransomware: Another gang created a leak site

The gang behind it Conti ransomware joined the "company" of hackers who create "leak siteFor the data of the victims.

Conti ransomware
Conti ransomware: Another gang created a leak site

One of the biggest threats to cyberspace is ransomware attacks. However, in recent months more and more ransomware gangs combine these attacks with violations data, after creating the so-called "leak sites“, Which they use to expose sensitive documents from companies refusing to pay the ransom.

These "leak sites" are a new trend, as ransomware ransomware adopts a new tactic calleddouble blackmail".

A representative example of how ransomware gangs use "leak sites" and "double blackmail" to put pressure on victims, is his case University of Utah.

A few days ago, the university administration admitted that it had paid a large sum to a ransomware gang, despite having reset the encrypted archives through copies security.

The university said that had to pay the gang because the hackers threatened to leak files containing sensitive student data.

More and more ransomware create gangs leak sites

Meanwhile, more and more ransomware gangs are turning to leak sites to put extra pressure on victims.

The good news is that not all gangs have their own site. However, their number has been steadily increasing since December 2019, when its operators Maze of ransomware they made the beginning and created the first site.

Today, the list of ransomware gangs that use leak sites includes: Ako, Avaddon, CLOP, Darkside, DoppelPaymer, Maze, Mespinoza (Pysa), Nefilim, NetWalker, RagnarLocker, REvil (Sodinokibi) and Sekhmet.

Some of these groups are not very well known, but there are others such as Maze, DoppelPaymer, REvil and NetWalker that are among the biggest threats.

Other groups, such as BitPaymer, WastedLocker, LockBit, ProLock and Dharma, have not yet adopted this tactic. One reason may be that some groups do not want to get much attention and leak sites tend to attract too much attention from journalists, Companies cyber security, and law enforcement officials.

The Accounts ransomware creates its own leak site

Since last week, another major ransomware team has entered the game of double blackmail and created its own leak site.

The team is handling the relatively new Conti ransomware, which is said to be used by its operators Ryuk ransomware.

Conti ransomware's leak site discovered by a malware analyst nicknamed BreachKey. The site is available at different URLs both in public Internet as well as in dark web.

BreachKey said the site already includes files of 26 companies who have fallen victim to the group's attacks and have refused to pay the ransom.

leak site
Conti ransomware: Another gang created a leak site

Creating another leak site shows that the double blackmail system is here to stay.

This new trend also means that changes need to be made in the way companies deal with ransomware attacks. Whereas in the past, victim companies only had to recover archives and get back to their daily activities, now they have to deal with infringement and possible data leakage.

Digital Fortress
Digital Fortress
Pursue Your Dreams & Live!