Fake Ransom Gang Targets US Firms With Data Leak Threats

In the USA, security researchers are drawing attention to a scheme that cybercriminals use to cash in: faking a security incident. Companies are being blackmailed even though nobody has actually broken into their systems.

Bleeping Computer reports on the scheme. It is not necessarily a new scam, but a trick that is currently coming to light more and more often. The people behind it are known as the Silent Ransom Group, according to security specialists at Kroll.

Companies receive blackmail letters of the kind known from hacker attacks. Strangers threaten to publish company data that they do not actually have. Yet companies still fall for it in droves.

Just Empty Threats

Taking advantage of data breaches and ransomware incidents, these extortionists mainly threaten to publish or sell allegedly stolen data unless they are paid. Sometimes they also threaten a DDoS attack if their victims do not follow the instructions.

Bleeping Computer also discovered that some of the blackmail letters were a wild mix of different ransomware campaigns and also named different hacker groups as initiators.

It is “a new wave of fake extortion attempts,” the Kroll analysts write in a security report, adding that the names of well-known cybercriminals are being used to intimidate victims and lend legitimacy to the threat.

“This method is cheap and can easily be performed by low-skilled attackers. Similar to the 419 wire transfer scam, victims are socially engineered by pressuring them to pay by a specified time limit. We assume that this trend will continue indefinitely due to its cost-effectiveness and ability to continue to generate revenue for cybercriminals,” Kroll writes.

Previous Fraud Cases Known

Kroll has observed such incidents since 2021, but also reports similar threats in which non-paying victims later experienced mild DDoS attacks. These were low-level DDoS attacks that came with the threat of larger attacks if the extortionists were not paid. Even so, it is still believed that this is a scam that should be ignored. The recommendation is to carefully analyze such emails in order to identify them as “phantom incidents” and dismiss them as empty threats.