Ransomware Leaksites

As ransomware groups have become increasingly prolific over the past five years, one of the “newer” aspects of the dark web has been ransomware leak sites. These are effectively publicity sites where ransomware groups share the details of their latest victims. However, they also play an important role in how these groups orchestrate and monetize their attacks. Traditional ransomware tactics of encrypting data and holding it “ransom” changed when the groups realized that organizations were equally as fearful of the data being leaked. This has led to the rise of “double extortion”, where groups encrypt an organization’s data and also threaten to publish it - on their dark web leak sites. These sites provide the ransomware operators with a platform to accept payments from the victims, and a space to shame them if they don’t pay.

No found.