Nemty Ransomware Punishes Victims by Posting Their Stolen Data
The latest cybercrime operation involving Nemty Ransomware has been stealing victim’s files before encrypting computers and publicly posting the files if the victim does not agree to pay ransom demands. The newest campaign uses a data leak site to punish victims who refuse to pay, and the information released has included company financials, personal information, and client data. The release of this sensitive data has escalated the ransomware attacks into critical data breaches.
After the Maze Ransomware followed through with their threat and posted stolen files, other ransomware threat actors and families such as DoppelPaymer and Sodinokibi started to create leak sites, extorting victims in a very similar manner and creating new cybercrime operations. Now, Nemty Ransomware operators are the most recent group to start using leak sites to punish non-paying victims by releasing their valuable information.