In the recent past, several ransomware operators have been seen targeting corporate giants, crippling their systems, stealing data, and demanding multimillion-dollar paydays. Now, a new ransomware dubbed Mount Locker has also joined this multimillion-dollar ransom trend.

What is happening?

First observed around the end of July, Mount Locker targets corporate networks and steal victims' files before encrypting it.
  • As per the ransom notes from its recent attacks, the Mount Locker group has demanded multimillion-dollar ransoms from some of its victims.
  • In one instance, the gang demanded a $2 million ransom from its victim. The ransom note file ‘RecoveryManual.html’ provides instructions for the victims to access a Tor site and interact with the ransomware operators for further instructions.
  • The data leak site of Mount Locker lists four victims as of now, out of which the group has leaked the stolen data (400GB) of one of the companies after it denied to pay the ransom.

Similar tendencies

Recently, there have been several incidents when cybercriminals demanded multimillion-dollar ransoms.
  • A few weeks ago, Netwalker ransomware had attacked Argentina's official immigration agency, Dirección Nacional de Migraciones, and demanded $4 million in ransom.
  • In August, the WastedLocker ransomware had launched an attack on the fitness brand Garmin and demanded a $10 million ransom. To resume its services and operations, Garmin had reportedly decided to pay the ransom.
  • In the same month, the Darkside ransomware launched customized attacks against numerous companies and earned a million-dollar ransom amount using a similar extortion strategy.

Ending notes

Ransomware operators are increasingly becoming more sophisticated and are using their deceitful tactics to deliver fatal damage to organizations, with their multimillion-dollar ransom schemes. To prevent such cases, organizations are recommended to make regular investments towards a proactive defense strategy rather than paying a huge sum as ransom.

Cyware Publisher

Publisher

Cyware