ADVERTISEMENT

Attackers impersonate security researchers in extortion attempts

Arctic Wolf Labs has investigated multiple extortion attempts conducted by threat actors who pose as legitimate security researchers, promising to hack into the infrastructure of original ransomware gangs to delete stolen data for a fee.

online piracy hackers
Niamh Ancell
Niamh Ancell Journalist
Jan 11, 2024 Updated: 11 January 2024 2 min read

First case

ADVERTISEMENT

Second case

  • Communicated via Tox
  • Threat actors posed as a security researcher
  • Claimed access to server infrastructure
  • Offered to prove access to stolen data
  • Implied risk of future attacks if not addressed
  • Specified amount of stolen data
  • Demanded a small fee of five Bitcoin
  • Similar language used within emails to victims
  • Used file.io to provide evidence of stolen victims' data
ADVERTISEMENT