Notorious Ransomware Gang Puts Victims on Edge
Ransomware gang demands absolute cooperation from victims, warns against third party involvement
The Ragnar Locker ransomware group sends cold warnings to ransomware victims thinking to involve law enforcement authorities after rounds of operations demanding millions for system recovery.
The group published this announcement on its darknet website a week after rumours of its dissolution.
The threat also concerns victims consulting experts to counter-usurp the system.
The group also discourages consulting private negotiators due to their ties with law enforcement authorities.
Ransomware victims continue to remain on the hook, with time running out, excessive financial demands, and they are running out of options. Victims on Ragnar Locker's list will be feeling the most pressure after the group announced the warning on its website. Having to adhere to the government's ruling against meeting ransomware demands because of its after-effects on cybercrime rates and remaining on the safe line of its assailants to prevent a massive data leak must be damning.
The announcement came weeks after reports in the media suggested that the group had closed shop. The warning was clear, victims who contact private investigators and government agencies will suffer data leaks. The warning also concerns those consulting external organizations and recovery experts to perform decryption or intercede in negotiations. If these conditions are breached, the group will execute the most dreadful part of a ransomware situation; releasing the data to public view - its .onion site.
The group elucidates that involving professional negotiators only winds them up either to futility or makes the decryption process worse because professional negotiators have direct and indirect contacts in agencies they would instead not get involved with.
So from this moment we warn all our clients, if you will hire any recovery company for negotiations or if you will send requests to the police/FBI/investigators, we will consider this as a hostile intent, and we will initiate the publication of whole compromised data immediately,
the group noted on its website.
These hackers are known for their avarice; they are feared for their fastidious modus operandi. They spend quality time on recon, maneuvering through network resources, backup options, and core files they can usurp before the data encryption process. Simply put, they are very thorough.
BleepingComputer attests that game company CapCom, air services company Dassault Falcon, and chipmaker ADATA are on the list of past victims. While they may be past victims, they are not in the clear. Ransomware hackers are recently in the practice of not fulfilling their end of the bargain; they deliberately deliver incomplete decryption leaving a possibility for future attacks.
This would mean these threats are of significant concern to new and old victims. Governments of technologically advanced companies are not compromising on their mandate to stop ransomware victims from paying their attackers because it incentivises their other threat actor groups.
Get similar news in your inbox weekly, for free
Share this news:
Get deep visibility into the performance of your complex enterprise applications and cloud native workloads. Identify potential issues, improve productivity, and ensure that your business and end users are unaffected by downtime and substandard performance ...
We tested ManageEngine Applications Manager to monitor different Kubernetes clusters. This post shares our review …
Harness the power of artificial intelligence (AI) and machine learning (ML) to monitor your IT resources with Site24x7's artificial intelligence for IT operations (AIOps) and machine learning operations (MLOps). Improve mean time to repair (MTTR) issues with the help of Site24x7 AIOps ...
In this post we'll dive deep into integrating AIOps in your business suing Site24x7 to …