Hackers have ventured into a novel business tactic that pledges to delete data stolen by ransomware attackers, offering a dubious assurance to victims in exchange for a modest fee, typically ranging from 1-2 BTC. The modus operandi involves certain ransomware groups employing double extortion tactics: first, pilfering data from a targeted organization and subsequently encrypting it until a ransom is paid.
Should the victim fail to meet the ransom deadline, these groups resort to selling the purloined data on the dark web for financial gain.
Even if the demanded ransom is paid, there is no guarantee that the attackers will genuinely delete the information; they may exploit or sell it in the future for nefarious purposes.
The Ethical Side Group is currently accessible through Tox Chat, a peer-to-peer messaging platform prominently featured on GitHub.
1.) Ransomware victims find themselves compelled to pay both the initial attackers for data decryption and the Ethical Side Group for data eradication from crime servers.
2.) The existence of such a service not only perpetuates cybercrime but also lacks certainty in ensuring the actual deletion of data.
3.) The hacking group's knowledge of ransomware activities raises questions about why they haven't cooperated with law enforcement to apprehend the perpetrators.
4.) The possibility arises that these individuals are part of ransomware groups themselves, exploiting opportunities to amass additional profits.
6.) The fluctuating fees demanded by criminals, dependent on the type of stolen information and the financial standing of the victimized organization, pose an escalating cyber threat.
7.) Regardless of the scenario, the targeted organization inevitably suffers losses.
NOTE- It remains uncertain how these developments will unfold, and as of now, no definitive solution has emerged to curtail the proliferation of ransomware groups.
Implementing bans on cryptocurrency trading and usage are not foolproof remedies, and only time will reveal the answers to these pressing questions.
This Cyber News was published on www.cybersecurity-insiders.com. Publication date: Wed, 10 Jan 2024 16:58:30 +0000