Industrial Spy ransomware gang has devised a new extortion strategy: it compromises corporate websites in order to publicly display ransom notifications.
The new technique is being employed by Industrial Spy, which is a data extortion organization that recently started using ransomware as part of its attacks.
In their attacks, the cybercrime group will hack into networks, steal information, and use ransomware to encrypt devices.
Yesterday, Industrial Spy started selling stolen information they say belongs to a French organization named SATT Sud-Est for $500,000.
According to MalwareHunterTeam, this cyberattack is notable as the hackers also breached the organization’s website to show a note informing that 200GB had been snatched and would soon be available for sale unless the victim paid a ransom.
We already know that when such cybercrime groups extort money from their victims, they usually give them a limited amount of time (a couple of weeks) to negotiate and pay the requested ransom before making the stolen information public.
When the cybercriminals negotiate with the victims, they assure them that the ransomware attack will be kept a secret, that they will receive a decryption key, and all the stolen data will be deleted once they