A new ransomware-enhancing method is being tested by hackers. This new technique is believed to improve ransomware attacks.
(Photo : Photo by NICOLAS ASFOURI/AFP via Getty Images)
In this file photo taken on August 04, 2020, Prince, a member of the hacking group Red Hacker Alliance who refused to give his real name, uses his computer at their office in Dongguan, China’s southern Guangdong province.
Based on the findings of Cyderes and Stairwell security experts, at least one ransomware gang is already using the so-called “data destruction” method.
In the new joint report, cybersecurity researchers checked for signs of the new hacking method, which is found in the exfiltration tool used by an affiliate of BlackCat (aka ALPHV); a ransomware strain discovered in November 2021.
New Ransomware-Enhancing Method Tested by Hackers
According to ZDNet’s latest report, the new data destruction method causes some concerns to many security experts.
(Photo : Photo by Adam Berry/Getty Images)
A participant looks at lines of code on a laptop on the first day of the 28th Chaos Communication Congress (28C3) – Behind Enemy Lines computer hacker conference on December 27, 2011 in Berlin, Germany. The Chaos Computer Club is Europe’s biggest network of computer hackers and its annual congress draws up to 3,000 participants.
They are alarmed since this malicious technique can make stolen data irretrievable, especially if victims refuse to pay the required ransom.
Cybersecurity experts stated that the ransomware deployment method could make ransomware attacks more dangerous as it can further pressure victims to give in to hackers’ demands.
Now, Stairwell and Cyderes experts claimed they discovered indicators of the new tactic in the BlackCat ransomware attack.
They added that the data destruction method is linked to the a.NET exfiltration tool called “Exmatter.” Their findings revealed that if Exmatter is used as part of a BlackCat attack, it will completely destroy files.
Data Destruction in Exmatter Under Development?
As of writing, Stairwell and Cyderes cybersecurity researchers believe that hackers are still testing Exmatter’s data destruction capabilities.
There are various reasons why ransomware attackers are doing this. One of these is that destroying data can provide them an extra incentive for victims, allowing them to acquire more money.
“Eliminating the step of encrypting the data makes the process faster and eliminates the risk of not getting the full payout, or that the victim will find other ways to decrypt the data,” explained Cyderes experts.
If you want to learn more details about the new data destruction method, you can visit this link.
In other stories, a recent study showed that cyberattacks result in high death rates among patients.
We also reported that the second-largest U.S. school district was attacked by hackers.
For more news updates about ransomware attacks and other cybersecurity threats, keep your tabs open here at TechTimes.
This article is owned by TechTimes
Written by Griffin Davis