Instead, far more subtle actions can lead to allegations that one has committed extortion.Įxtortion is a criminal offense that occurs when a person unlawfully obtains money, property, or services from another person or entity by means of particular types of threats. The image of the sleazy blackmailer demanding money or threatening to publicize an old scandal is seldom the act that leads to litigation involving extortion. However, other cybercriminals have voiced concerns that the new data extortion project is suspicious and not to be trusted.Extortion is both a tort and a crime and is perhaps far more common than most of us think. I suspect, however, that their claims are untrue and that the same individuals who carry out the attacks are also behind RansomHouse.Īs for the origin, a representative of RansomHouse who had phoned the press to publicize the attacks spoke English with what sounded like an Eastern European accent. The RansomHouse platform is supposedly used by 'club members' who carry out attacks using their own tools - and, according to them, those tools include ransomware such as White Rabbit. This makes Cyberint’s analysts believe that RansomHouse is a project launched by disgruntled red-team pen-testers who are fed up with low bounty payments and poor cybersecurity planning in general.īrett Callow, a threat analyst at cybersecurity firm Emsisoft, told Bleeping Computer the following regarding RansomHouse: They do not want to mix business and politics and announced that they would never work with radical hacktivists or espionage groups,” explains the report by Cyberint. Furthermore, they claim to be very liberal and pro-freedom. “They speak politely on both their blog and various Telegram channels and do not get swept into irrelevant discussions.
#Operation extortion professional#
RansomHouse posting on Lapsus Telegram (Cyberint)Īs such, while the origins of RansomHouse are unknown at this time, the group hasn’t emerged as a thoroughly independent entity but rather from within other threat groups.Ĭyberint claims to have extensively examined the communications of RansomHouse’s core members with other threat actors on Telegram channels and reported seeing professional conduct. Since launching the site this month, the threat actors have added three other victims, with the most recent being a German airline support service provider, attacked last week. RansomHouse is believed to have launched in December 2021 with its first victim allegedly the Saskatchewan Liquor and Gaming Authority (SLGA), which is now listed on the extortion site.
In rare cases one could meet gratitude and ridiculously small payments that do not cover even 5% of an enthusiast's efforts." Targeting your data Usually corporations respond to the message that their "doors are wide open" in negative context, direct threats or silence. "People are inherently curious and are eager to learn the object of their interest. The culprits are those who did not put a lock on the door leaving it wide open inviting everyone in," the RansomHouse threat actors write on their 'about us' page. "We believe that the culprits are not the ones who found the vulnerability or carried out the hack, but those who did not take proper care of security. Instead, they blame the companies for not properly securing their network and for "ridiculously small" bug bounty rewards offered for vulnerability disclosures. However, they do not take responsibility for their actions. The new operation claims not to use any ransomware and instead focuses on breaching networks through alleged vulnerabilities to steal a target's data.
Yet another data-extortion cybercrime operation has appeared on the darknet named 'RansomHouse' where threat actors publish evidence of stolen files and leak data of organizations that refuse to make a ransom payment.
0 kommentar(er)
