author photo
By SecureWorld News Team
Wed | Feb 26, 2020 | 10:11 AM PST

The bad actors behind DoppelPaymer ransomware have begun publicly posting stolen files to further extort and shame non-paying victims.

BleepingComputer reports:

The operators of the DoppelPaymer Ransomware have launched a site that they will use to shame victims who do not pay a ransom and to publish any files that were stolen before computers were encrypted.

A new extortion method started by the Maze Ransomware is to steal files before encrypting them and then use them as leverage to get victims to pay the ransom.

If a ransom is not paid, then the ransomware operators release the stolen files on a public 'news' site to expose the victim to government fines, lawsuits, and the risk of the attack being classified as a data breach.

Soon after starting this tactic, other ransomware families including Sodinokibi, Nemty, and DoppelPaymer have stated that they would begin this practice as well.

Tags: Ransomware,