Home / Tech / News / Ransomware gangs emailing customers of victims to extort them
tech

Ransomware gangs emailing customers of victims to extort them

Ransomware makers are now reportedly training their guns on their customers of their victims, warning them that their data will be leaked if they don’t “convince” the victim to pay the ransom amount.

Ransomware groups are now leveraging customers of victim companies into paying the ransom amount. 
Ransomware groups are now leveraging customers of victim companies into paying the ransom amount.  (Pixabay)

Ransomware is not a new phenomenon and several businesses have suffered after falling victim to hacks that cause their data to be encrypted and faced with huge ransom demands. However, ransomware makers are now reportedly training their guns on their customers of their victims, warning them that their data will be leaked if they don’t “convince” the victim to pay the ransom amount.

Also read: India is the third-worst affected country by ransomware attacks: Report

Spotted by security researcher Brian Krebs, the newest form of online intimidation involves emailing the clients of the victims informing them that the company has been hacked and that the data that has been stolen will be published online if the ransom is not paid. The emails appear to be going out to customers of companies that have been affected by the ‘Clop’ ransomware.

A sample of the ransomware group's email sent to customers of a victim company, shared by Krebs. 
A sample of the ransomware group's email sent to customers of a victim company, shared by Krebs.  (Brian Krebs/Krebs on Security)

Krebs published one of the emails on his blog, which tells the customers that they received it because they were a customer, buyer, employee or partner of the victim company. “The company has been hacked, data has been stolen and will soon be released as the company refuses to protect its peoples’ data,” it says. The email goes in to tell the customer that their information will be published on the dark web with a link to a website — unless the victim company contacts the ransomware group.

Read more: Ransomware tops US cyber priorities, Homeland secretary says

Unlike traditional ransomware groups, Clop demands two sets of ransom payments – one to decrypt the data from the victim’s computers which it does by sending over a key, and another to “stop” the group from publishing sensitive information stolen from the victims on the dark web. This appears to be a new trend among ransomware groups who target companies that keep backups of their data and simply refuse to pay the ransom for encrypted data that can simply be replaced.

Follow HT Tech for the latest tech news and reviews, also keep up with us on Twitter, Facebook, and Instagram. For our latest videos, subscribe to our YouTube channel.