Fake extortionists target U.S. companies with threats of stolen data publication

A group of extortionists named “Midnight” has been using data breaches and ransomware incidents to threaten U.S. companies. The group demands payment, threatening to sell or publish allegedly stolen data if the victims do not comply with their demands. In some cases, the group also threatens victims with a distributed denial-of-service (DDoS) attack.

Since at least March 16, Midnight has been targeting U.S. companies, claiming to have stolen hundreds of gigabytes of important data. The group has also impersonated some ransomware and data extortion gangs in emails, including the Silent Ransom Group (SRG) and the Surtr ransomware group.

The fake emails are part of a larger trend, which has been observed by the managed detection and response division at the Kroll corporate investigation and risk consulting firm since early November 2019. The attackers use the names of better-known cybercriminals in an attempt to intimidate victims and lend legitimacy to their threats.

Kroll reported that, starting March 23, organizations began filing an increased number of reports for emails received under the Silent Ransom Group name. The company stated that this is a new wave of fake extortion attempts, and the trend is expected to continue indefinitely due to its cost-effectiveness.

Arete, another incident response company, confirmed Kroll’s observations about Midnight Group’s fraudulent emails impersonating Surtr and SRG. However, the company noted that Midnight targeted organizations that had previously been victims of a ransomware attack.

According to Arete, at least 15 of their current and previous clients received fake threats from the Midnight Group. It is unclear how victims are selected, but it is possible that the group obtains information from publicly available sources, such as data leak sites, social media, news reports, or company disclosures.

The sources for this piece include an article in BleepingComputer.
