Facebook adverts reportedly aimed at pressuring Campari into paying a ransom.
In a concerning turn of events, the Ragnar Locker ransomware group has been using Facebook as a platform for extortion, targeting both the Italy-based beverage company Campari Group and Hodson Event Entertainment.
According to Chad Anderson, a senior researcher at DomainTools, this tactic represents an "aggressive evolution" in the world of ransomware, indicating that the group is growing increasingly desperate for payment.
The operators behind Ragnar Locker hacked the Facebook account of Hodson Event Entertainment, attempting to bill a $159 campaign, on top of an initial $35, to the business. Similarly, they launched an eBay-like site on the dark web in June, auctioning off stolen data from various victims, including Campari Group.
Campari Group disclosed its hack on November 3 and immediately isolated various systems to prevent the spread. By November 6, the company confirmed "there has been some data loss," which is still under investigation to determine the confidentiality of the impacted information. The operators asked Campari for $15 million in bitcoin on November 1.
However, Campari is not backing down. In a statement, Chad Anderson, senior researcher at DomainTools, commended the company for ignoring Ragnar Locker's attempts to shame them, stating that they are doing the right thing. Campari is working closely with the FBI and the Italian cyber police, and has notified its respective data protection authorities.
Publicly publishing data is a common tactic used by cybercriminals to recoup costs of their operations. Ragnar Locker operators are now publicly posting stolen data in retaliation for unpaid ransoms. This was evident in the unauthorized Facebook ads boasting that confidential data was stolen and claiming a huge volume of data was offloaded by the Ragnar Locker operators on November 9.
Unfortunately, this is not an isolated incident. Researchers expect to see an influx of ransomware attacks as lockdowns are reinstated across European countries and parts of the U.S. Cybercriminals feel the financial impact of the pandemic and victimized organizations are less likely to pay ransoms.
In the face of these threats, it is crucial for companies to remain vigilant and take proactive measures to protect their data. Working with law enforcement authorities and cybersecurity experts, as Campari Group is doing, is a step in the right direction. Any EU provisions for circumventing GDPR fines for companies could help avoid funding ransomware groups.
Facebook caught the hack on Hodson Event Entertainment's account as fraudulent. Hodson's analytics showed the campaign generated 770 clicks. Despite the efforts of companies like Facebook to prevent such attacks, it is clear that ransomware groups are becoming more creative and aggressive in their tactics.
As the battle against ransomware continues, it is essential for everyone to stay informed and take the necessary precautions to protect their personal and business data.
Read also:
- Industrial robots in China are being installed at a faster rate than in both the United States and the European Union, as the global market for these robots faces a downturn.
- Hyundai N affirms transition to hybrid performance-centric models, initiating with Tucson N
- EAFO Research Uncovers Crucial Elements in Electric Vehicle Adoption within the EU
- Stock markets in India anticipated a moderate opening, influenced by mixed signals from global markets.
