Confidential data was stolen by a ransomware gang and was auctioned off to its owner for safe return. According to Ars Technica's latest report, this is one of the new strategies designed by cyber attackers to increase the chance of a hefty payout.
It was reported that the auction was to put further pressure on the victim to pay heavy fees for their data's safe return. The online bidding process began earlier on Tuesday, June 2, on a dark Web site called The Happy Blog maintained by the cybercriminals known by the names REvil, Sodinokibi, and Sodin.
Also Read: [HACKERS] 'Anonymous' Threatens to Expose Minneapolis Police's Crimes; Who Are The Anonymous Hackers?
The group previously threatened the owners that they would publish limited details of selected data and publish additional confidential material if they failed to pay the ransom. The cybercriminals also encrypted the stolen confidential data so that the owner won't have any access to any of it at all.
Ransomware gang auctions off 10,000 stolen confidential data for safe return; REvil hacks 22,000 files
According to Ars Technica, the ransomware gang wanted to increase the chances of a larger payout by combining the threat of publishing the data while simultaneously locking it from its rightful owner. The newly designed strategy puts more pressure since the previous practices haven't yielded the desired results of the hackers.
The ransomware gang's demands are usually high, sometimes amounting to millions of dollars. To keep up with the hackers' tactics, many companies were forced to reward the people behind the malicious acts to prevent further attacks on their confidential data. New financial pressures were also added by the ongoing pandemic to small and medium businesses around the world.
According to the report, the extracted confidential data from two companies were advertised by the Happy Blog. One of the companies is a food and harvest distributor. The auction promised 10,000 files of the people in the company's distribution network which contained distributor data, confidential cash-flow analyses, vendor information, scanned images of driver's licenses, and business insurance content.
Meanwhile, the other auctions promised to turn over accounts, accounting documents, and other important information that may be used by the company's competitors or other interested parties. Although the company was not named, the auctioneers confirmed that the data came from a Canadian agriculture crop production company.
A small sample of the data containing confidential memos documenting conference calls, employee emails, a personal wealth statement of an employee, and other documents was shown in an accompanying auction page from the latter company.