A new ransomware group, Ransomed, has been identified by cybersecurity analyst and blogger Flashpoint. The group is taking a unique approach to extortion – leveraging the EU’s General Data Protection Regulation (GDPR) to its advantage. The group threatens victims with potential GDPR fines if they don’t pay the ransom. This new tactic is a departure from the usual methods of cybercriminals and turns protective laws against the victims.
Ransomed seems to have set their ransom demands lower than the potential cost of a GDPR fine, thus increasing their chances of getting paid. This is an unwelcome development for legislators who have been working to protect public data by imposing strict regulations on companies. GDPR fines can range from a few hundred dollars to millions, as seen in the case of Meta, which received a record-breaking $1.3 billion penalty in May.
Another interesting move from Ransomed is its readiness to list two cryptocurrency wallets for Bitcoin payments, an unconventional choice as threat actors typically do not disclose their wallet addresses publicly. However, it’s still uncertain whether these tactics will prove successful. Flashpoint has linked Ransomed to the cybercriminal platform BreachForums, but it’s too early to determine if the group will pose a significant persistent threat.
Although Ransomed’s strategy is novel and potentially intimidating, there’s no confirmed evidence yet that its threats have led to any actual compromises. Flashpoint noted one instance where a screenshot was provided as proof of a compromise, but there was no further evidence to support this claim. Regardless, this development signifies an innovative, albeit concerning, shift in ransomware tactics.