Ransomware group Ragnar Locker published an announcement on its darknet leak site saying it would publish the stolen data of victims of their latest ransomware attack if the said victims contacted law enforcement agencies. That also applies to victims contacting data recovery experts.
“So from this moment we warn all our clients, if you will hire any recovery company for negotiations or if you will send requests to the police/FBI/investigators, we will consider this as a hostile intent and we will initiate the publication of whole compromised data immediately,” reads the note.
Ragnar Locker is a group of hackers that mostly manually deploys ransomware payloads to infect victims’ computers. They are known to spend time investigating the various files that they can steal before moving to the encryption stage.
Ragnar Locker has attacked several major organizations in the past and extorted millions of dollars from each of them. It has recently targeted such companies as Capcom, ADATA, and Dassault Falcon. In Capcom’s case, the group reportedly encrypted 2,000 devices and demanded an $11,000,000 ransom.
The threat also applies to victims who are contacting “professional negotiators.” They believe these negotiators are associated with data recovery agencies that often tie-up with the FBI and other law enforcement departments. In case they try to negotiate or retrieve their data, the group threatens to publish their entire data on their site.
“Government has a strong position against paying ransoms to criminals, including when targeted by ransomware. Paying a ransom in response to ransomware does not guarantee a successful outcome,” said the British Home Secretary, Priti Patel.
The FBI does not support the payment of ransoms either. This is because it can’t guarantee that the funds will be secure and prevent future attacks.