Data Activist Group Publishes Exfiltrated Ransomware Data Previously Available Only on the Dark Web

Ransomware Data on Dark WebA small group known as Distributed Denial of Secrets, or DDoSecrets, works to make data stolen as part of ransomware attacks available to journalists.

The idea of your organizations data being published on the dark web is a scenario every organization wants to avoid. Bad guys with access to company secrets, customer data, and personal information never adds up to something good. It’s the reason this tactic is so influential on ransoms being paid today.

Most often, when ransoms haven’t been paid, data was published on a site available on the Dark Web. Maze took some of their plundered data and posted it to a publicly-viewable website on the Internet.

But the most recent development in the area of extorted data being published comes from DDoSecrets, a data anti-privacy group that has taken over a terabyte of data from organizations covering industries that include pharmaceuticals, manufacturing, finance, software, retail, real estate, and oil and gas, and posted the data to a publicly-accessible website.

Their goal is to make those very same corporate secrets that are already published on the dark web available to the world. According to a Wired story about DDoSecrets, their cofounder Emma Best seemed to hope the data would contain evidence of corporate malfeasance or perhaps intellectual property that could be used to “serve the public good”. It’s evident from the article, DDoSecrets is an activist group and an agenda to share data, no matter whether it may hurt corporations.

It was already evident that your organization cannot afford to be the victim of a ransomware attack. But with new players appearing like DDoSecrets with additional agendas of how to use the published data that can be just as harmful, you know it’s now imperative to put as much defense in place to stop ransomware attacks from being successful in your organization.

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the install and run it 
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Topics: Ransomware

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews