The Karakurt data extortion group is holing victim data for ransoms of $25,000 to $13 million in Bitcoin, according to a new alert from the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and the Treasury Department. The U.S. agencies said Karakurt victims have not reported encryption of compromised machines or files, but instead the gang’s members threaten to auction off stolen data or release it to the public unless they receive a ransom. Victims are typically given a week to pay, according to the CISA alert. “Karakurt actors have typically provided screenshots or copies of stolen file directories as proof of stolen data. Karakurt actors have contacted victims’ employees, business partners, and clients with harassing emails and phone calls to pressure the victims to cooperate,” the alert explained. “The emails have contained examples of stolen data, such as social security numbers, payment accounts, private company emails, and sensitive business data belonging to employees or clients. Upon payment of ransoms, Karakurt actors have provided some form of proof of deletion of files and, occasionally, a brief statement explaining how the initial intrusion occurred.”
Read more : US Agencies: Karakurt extortion group demanding up to $13 million in attacks.