With ransoms as high as $2 Million, the cybercriminal group behind this new family of ransomware is setting the bar pretty high, all while being the “new kid on the block”.
While the tactics are pretty familiar with those ransomware gangs in the Maze cartel – exfiltrate data, encrypt everything possible, and ask for a large ransom threatening to publish the data – the Mount ransomware has only been out since July of this year.
Taking a bold step, the gang behind this new variant is obviously watching the trends and realizing if they do it right, they can ask for a hefty ransom.
And ask they do!
Instead of most companies trying to be the discount alternative and charging less, these bad guys realize there’s no reason they can’t just launch a business and ask for top dollar.
Stealing some subset of the data encrypted, the Mount team threatens to contact the victim's competitors, the media, TV channels, and newspapers as part of their demands:
Ransomware is truly getting out of hand – the revenue opportunities are so vast that it’s really no surprise to see the latest player make a huge splash in their first months. I expect to see their name in the headlines many more times in the coming months.
The good news is that despite the ransomware bravado I expect will continue, the bad guys still need a means to start their infections – an unwitting user. Users that have undergone new school Security Awareness Training are less likely to fall for phishing and social engineering scams that are used to spread malware that eventually infects an environment with ransomware (Mount or otherwise).
Here's how it works:
