Bleeping Computer reports about the unusual activity of the underground marketplace Marketo, which offers stolen data to competitors of ransomware victims and generally specializes in selling stolen information.
The administration of the resource sends letters to the competitors of the affected companies, offering to buy the stolen information.Marketo is a relatively new resource that appeared this spring. Back in May, the owner of the marketplace began to contact the media and cybersecurity researchers to promote his website.
When reporters asked a Marketo representative where the administration of the trading platform takes information from, as steals it itself or receives it from other hack groups, they said that “this is just a trading platform for people who have information to sell, we do not hack companies“…
Now it is reported now that the administration of the marketplace has begun to contact the competitors of the affected companies (whose data can be purchased on Marketo), offering them samples of information and offering to buy them.
For example, in April of this year, a statement appeared on Marketo about the hacking of a large company working in the field of heavy engineering and defense technologies. It seems that buyers for this information could not be found, and representatives of Marketo began to send letters to the victim’s competitors in order to offer them a “demo package” of the stolen data.
The list of competitors that received such messages includes unnamed billion-dollar international companies whose names, according to journalists, are familiar to everyone.
Overall, trying to attract the attention of competitors is not a new tactic for ransomware. For example, when the Clop hack group hacked into vulnerable Accellion FTA devices in order to steal data, the attackers acted the same way: the group notified victims and journalists about their attacks and theft of information in order to put pressure on their victims.
Let me remind you that I talked about the fact that Data stolen from CD Projekt Red is spreading in the network.