Ronald MizenReporter
Apr 22, 2021 Hackers look to team up with short sellers
https://www.afr.com/politics/federal/hackers-look-to-team-up-with-short-sellers-20210422-p57lep
A hacker group that hit headlines after making a series of charitable donations with its ill-gotten gains is pitching a new product to sharemarket traders looking to cash in on cyber heists.
Security experts said the new revenue stream could make hackers and dodgy traders huge profits and be difficult for law enforcement to prove.
Ransomware group DarkSide announced this week it was looking to work with traders to punish target companies that failed to pay up.
“Our team and partners encrypt many companies that are trading on the Nasdaq and other stock exchanges,” DarkSide said in a post on its website.
“If the company refuses to pay, we are ready to provide information before publication, so it would be possible to earn in the reduction price of shares.”
In Australia, DarkSide claimed credit for a reported hit on coffee roaster Segafredo Zanetti. The company was later delisted from its website and has not responded to repeated requests for comment.
After a busy 2020, DarkSide had been quiet for a few months while it likely undertook a fresh ransomware campaign.
“I believe DarkSide is going to start seeing a bit of a resurgence in the number of victims coming online,” Mr Westwood-Hill said. “I would not be overly surprised to start seeing their leaks on the dark web very soon.”
Emsisoft threat analyst Brett Callow said tactics used by threat actors such as DarkSide to extort payment from their victims were becoming more extreme, but the latest pitch to short-sellers was something entirely new.
“Whether their intention is to charge for this information or simply to give it away in order to pressure future victims into paying quickly is not clear,” Mr Callow said.
“Whatever the case, this clearly demonstrates the need for governments to take speedy and decisive action to tackle the problem. If they do not, the situation will invariably continue to worsen.”
Emsisoft analysis shows more than 1300 organisations had data exfiltrated and released online by ransomware groups in 2020. “Of course, this only represents the organisations that refused to pay,” Mr Callow said.
The Australian Cyber Security Centre publicly advises companies never to pay a ransom as there is no guarantee cyber criminals will decrypt files once the ransom is paid, and there is a chance that files may not be recoverable.
Apr 22, 2021 Hackers look to team up with short sellers
https://www.afr.com/politics/federal/hackers-look-to-team-up-with-short-sellers-20210422-p57lep
A hacker group that hit headlines after making a series of charitable donations with its ill-gotten gains is pitching a new product to sharemarket traders looking to cash in on cyber heists.
Security experts said the new revenue stream could make hackers and dodgy traders huge profits and be difficult for law enforcement to prove.
Ransomware group DarkSide announced this week it was looking to work with traders to punish target companies that failed to pay up.
“Our team and partners encrypt many companies that are trading on the Nasdaq and other stock exchanges,” DarkSide said in a post on its website.
“If the company refuses to pay, we are ready to provide information before publication, so it would be possible to earn in the reduction price of shares.”
In Australia, DarkSide claimed credit for a reported hit on coffee roaster Segafredo Zanetti. The company was later delisted from its website and has not responded to repeated requests for comment.
After a busy 2020, DarkSide had been quiet for a few months while it likely undertook a fresh ransomware campaign.
“I believe DarkSide is going to start seeing a bit of a resurgence in the number of victims coming online,” Mr Westwood-Hill said. “I would not be overly surprised to start seeing their leaks on the dark web very soon.”
Emsisoft threat analyst Brett Callow said tactics used by threat actors such as DarkSide to extort payment from their victims were becoming more extreme, but the latest pitch to short-sellers was something entirely new.
“Whether their intention is to charge for this information or simply to give it away in order to pressure future victims into paying quickly is not clear,” Mr Callow said.
“Whatever the case, this clearly demonstrates the need for governments to take speedy and decisive action to tackle the problem. If they do not, the situation will invariably continue to worsen.”
Emsisoft analysis shows more than 1300 organisations had data exfiltrated and released online by ransomware groups in 2020. “Of course, this only represents the organisations that refused to pay,” Mr Callow said.
The Australian Cyber Security Centre publicly advises companies never to pay a ransom as there is no guarantee cyber criminals will decrypt files once the ransom is paid, and there is a chance that files may not be recoverable.
