Operators of the Ragnar Locker ransomware warn their victims that if they contact law enforcement agencies, the data stolen from them will be published in the public domain.
The Bleeping Computer writes that this week on the Ragnar Locker site on the darknet there was a similar announcement. Hackers threaten to “leak” the victims’ data into the network if they contact the FBI, police or private investigators. The threat also extends to those victims who turn to data recovery specialists.The ransomware operator claims that organizations that hire “professional negotiators” only make the data recovery process worse, as the negotiators are often associated with the FBI and law enforcement.
Ragnar Locker is known for the fact that its operators manually deploy payloads to victims’ systems. In addition, hackers spend time scouting to discover network resources, backups, and confidential files that they might steal before encrypting the data. Ragnar Locker’s past victims include, for example, Japanese game maker Capcom and hardware maker ADATA.
In Capcom’s case, the group reportedly encrypted 2,000 devices on the organization’s network and demanded a ransom of $11,000,000 in exchange for a decoder.
Ragnar Locker’s threats put additional strain on victims, given that in the current environment of growing cyberattacks, governments around the world are strongly advising against paying the ransom.
The FBI also does not support ransom payments as it does not guarantee that networks will be protected from data breaches or future attacks. Instead, ransomware victims are encouraged to contact their local FBI office.
The ransom payment motivates criminals to target even more victims and encourages other cybercriminal groups to follow their lead in carrying out illegal activities.
