Exposed ransomware negotiations shed light on cybercrime, but complicate things for victims

Less than 48 hours before the deadline for Iowa-based grain cooperative New Cooperative to pay the ransomware group’s demands, negotiations seemed to take an interesting turn.

BlackMatter, which has threatened to leak sensitive data allegedly stolen from New Cooperative, ramped up those this week after claiming the company “violated our data recovery guidelines” during negotiations by allegedly working with recovery firm Coveware.

The victim shot back with a surprising barb.

“The only thing we violated was your mother,” the victim said, according to chat logs shared by Dmitry Smilyanets, an analyst at threat intelligence company Recorded .

#ransomware negotiations on fire pic.twitter.com/4Jhr72oQz7

September 22, 2021

Except, there was a problem: The “victim” wasn’t actually . It was a random troll.

“We don’t know who the user ‘victim’ is but it is not us. Please close this TOR page so no more random people from the make posts here,” a user that appears to be a negotiator for New Cooperative wrote after escalating threats from BlackMatter to the data.

apparently, the #ransomware negotiations chat was hijacked pic.twitter.com/QuNQCTg4bH

September 23, 2021

At this

Read More: https://www.cyberscoop.com/blackmatter-trolls-new-cooperative-ransomware/