In a recent development after the recent data leak of Sony, the notorious Ransomware syndicate Ransomed.vc focused on the largest telecommunications giant of Japan, NTT Docomo.
According to an advice published by the Resecurity on Tuesday, Ransomed.vc demands a ransom of more than $ 1 million from NTT Docomo, in a movement that comes after Sony refused to pay a similar ransom, allegedly leading to the leak of their extrilated data.
The Hunter team of Resecurity contacted the operators behind Ransomed.vc via TOX (TOR IM) with regard to the Sony Breach and NTT Docomo. According to the actors, they claim that they have stolen 240 GB data from Sony, which they are willing to sell for a relatively low price, starting from $ 10,000 to BTC.
Their primary motivation seems to be a public shame of the victim instead of profit. Such tactics, known as ‘pressure support’, are used to motivate the victim to arrange the payment.
Ransomed.vc, who came from an underground forum and was initially spotted by Malwarebytes in August 2023, quickly became active on the dark web.
Initially, an underground forum focused on data leaks, access brokers and exploits, ransom. VC later turned into a ransomware operation, aimed at generating stolen data.
Since then, Resecurity said that the group used unique tactics, using GDPR laws and data protection regulations to squeeze companies in the European Union, using the threat of fines to put pressure on to pay the ransom.
Read more about GDPR and Data Protection: GDPR replaced in the UK: a cost-benefit analysis
The group also carries out a partner program to earn hurt access to Enterprise networks. In particular, they discourage attacks on the Russian or Ukrainian infrastructure.
“It is expected that the bad actors focus on companies of different market verticals (fintech, telecommunications, oil and gas media) with the aim of stolen data with the aim of using extortion that use comparable tactics used by ransomed.vc,” is the advice.
Resecurity said it would continue to follow Ransomed.vc’s activities through proactive surveillance of the Dark Web, collecting usable cyber threat information.
Editorial Image Credit: Piotr SWAT / Shutterstock.com