Ransomware Group Builds Site For Victims To Search For Their Stolen Data

Share post:

The ALPHV ransomware group, aka BlackCat, took its operations to a new level by building a dedicated website where customers and employees of their victim organization can check if their data was breached in an attack.

AlphV is said to be a rebrand of the DarkSide/BlackMatter group, notorious for the attack on Colonial Pipeline, which brought to the fore the operations of these hacking groups.

Today, the AlphV/BlackCat ransomware gang started releasing stolen data that they alleged were stolen from an Oregon hotel and spa. The gang claims to have stolen 112 GB of data containing the private information of 1,500 employees, including Social Security Numbers.

But instead of simply leaking the data on their usual Tor data leak site, the ransomware group created a dedicated website enabling both hotel employees and customers to check if their data was stolen.

The site provides information about hotel guests and their stays as well as the personal data of 1,534 employees.

While the customer guest data only includes names, arrival date, and stay costs, the employee data contains very sensitive information, such as names, Social Security Numbers, date of birth, phone numbers, and email addresses.

As this site can be viewed through the public internet, it is indexable by search engines, and the stolen information may be added to search results, making this even worse for the victims.

Simply put, the site intends to scare employees and guests into demanding the hotel to delete their data from the web, which is only possible by paying a ransom.

Brett Callow, security analyst from Emisoft, who discovered this new ransomware tactic, said that while the strategy is innovative, it is too early to tell if it will pay off.

“While it’s an innovative approach, it remains to be seen whether the strategy will be successful – and, of course, that will determine whether it becomes more commonplace.”

For more information, read the original story in Bleepingcomputer.

SUBSCRIBE NOW

Related articles

Hamilton Estimates $52 Million to Rebuild IT Systems After Ransomware Attack

The city of Hamilton plans to spend $52 million over the next three years to rebuild and secure...

Avery Data Breach: Credit Card Skimmer Affects Over 61,000 Customers

Label maker Avery has disclosed a data breach affecting 61,193 customers, caused by a credit card skimmer that...

Scammed Company Ordered to Pay $190k for Fraudulent Invoice Payment

A hacker gained access to Mobius Group’s email system and sent instructions from a legitimate email address, directing...

Sneaky 2FA: A Sophisticated Attack Defeats Both 2FA and Phishing Protections

A new phishing kit, ominously named "Sneaky 2FA," has emerged, targeting Microsoft 365 users by bypassing two-factor authentication...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways