Cybercriminals are becoming increasingly vicious and their extortion tactics are no less than a ghastly nightmare for victims.

What’s going on?

The Finnish psychotherapy facility Vastaamo was breached and the hackers have started blackmailing the patients into paying thousands of euros and threatening to leak their data online. The attackers have claimed to have the session records of 40,000 patients and demanded a ransom of €450,000 in bitcoins. Records of 300 patients have already been published on a website on Tor and the remaining victims are being pressurized into paying a ransom of €200, which will increase to €500 after 24 hours.  

Other extortion campaigns

  • Hackers impersonating the Lazarus Group and Fancy Bear to extort money from financial institutions and technology and manufacturing companies, respectively. The threat actor has been threatening to launch powerful DDoS attacks in case of non-payment of ransom.
  • In another instance, companies across the world received extortion emails asserting to launch massive DDoS attacks unless they pay a set ransom of 20 BTC, which increases by 10 BTC every day the ransom is not paid. Travelex is allegedly one of the recipients of this threat.
  • Earlier this month, SunCrypt ransomware gang started launching DDoS campaign threats in an attempt to extort several high-profile victims.

Square one

This all started last year in November when the Maze ransomware gang strated the trend of attacking victims and stealing their data to blackmail them into paying a ransom. In case of non-payment of ransom the group would leak confidential and classified information. Other threat actors soon followed suit and at the moment, this is the savage trend followed by most threat actors.

The bottom line

The first thing to note about these threats is that they are not empty and the attackers have followed through on every extortion threat. Moreover, the criminals in their ransom notes have mentioned that there is no other way to protect the victims apart from paying the ransom. Thus, this has become a huge concern for security agencies across the globe.

Cyware Publisher