Home News Darkside Ransomware Gang Adopts New Extortion Technique by Targeting Stock Traders

Darkside Ransomware Gang Adopts New Extortion Technique by Targeting Stock Traders

In a new extortion technique, Darkside ransomware operators are targeting organizations listed on NASDAQ or other stock markets.

Australian Securities and Investment Commission Hit by a Cyberattack

Cybercriminals often try innovative methods in their attacking techniques to increase their success rate and evade security detection (obfuscation). From new malware variants to different hacking methods, threat actors constantly change their approaches to encrypt victims’ data and pressurize them into paying the ransom. To prove their power, the operators behind the Darkside ransomware group announced that they are leveraging new extortion tactics by targeting companies that are listed stock markets like NASDAQ.

In a notification posted on a dark web portal, the Darkside operators stated they are coaxing certain crooked stockbrokers to use insider information of their corporate targets so that they can short-sell a victim company’s stock before they disclose the breach or leak any data. The operators believe that the impact of posting a traded company’s name on its website will cause the victim company’s stock price to fall and help insider traders make profits.

Besides, the announcement also represents a new method to indirectly threaten and pressurize the targeted companies into paying the ransom.

“Now our team and partners encrypt many companies that are trading on NASDAQ and other stock exchanges. If the company refuses to pay, we are ready to provide information before the publication, so that it would be possible to earn at the reduced price of shares. Write to us in ‘Contact Us’ and we will provide you with detailed information,” Darkside operators said.

Twice the Benefits

Several industry experts opined that Darkside actors could benefit in two ways with this new extortion technique. The ransomware group could demand a huge amount from any trader in exchange for insider information. If traders are not approached, threat actors can still monetize the situation by threatening the victim company by leaking sensitive corporate data online — a common scenario where most organizations avoid paying ransom demands.

“While other ransomware families previously discussed how to leverage the effect of a publicly disclosed cyberattack on the stock market, they have never made it their official attack vector. DarkSide becomes the first ransomware variant to make it formal,” said Dmitry Smilyanets, threat intel analyst at Recorded Future.

Impact of Cyberattacks on Company’s Stock

Cyberattacks impact an organization in many ways, including loss of trust from customers, clients, damage of brand image, and of course a shrink in market value. However, the impact on stock values will not cause long-term damage to the company’s market value. Certain security experts opine that these kinds of extortion techniques have little chance to work out.