Avaddon ransomware is the latest cybercrime operation to launch a data leak site that will be used to publish the stolen data of victims who do not pay a ransom demand.
Since the Maze operators began publicly leaking files stolen in ransomware attacks, other operations soon followed suit and began creating data leak sites to publish stolen files.
These sites are designed to scare victims into paying a ransomware under threat that their files will be leaked to the public. If publicly released, this data could expose financial information, personal information of employees, and client data, which leads to a data breach.
Cybersecurity intelligence firm Kela has told BleepingComputer that the Avaddon ransomware operators have announced on a Russian-speaking hacker forum this weekend that they have launched a new data leak site.
At this time, there is only one entry on their site, where they leak 3.5MB of documents stolen from a construction company.
The use of data leak sites is a tactic that is not going away, and corporate victims need to accept that all ransomware attacks are now data breaches.
The attackers are hoping that the extra costs associated with data breaches and the potential reputational harm may push more victims into paying the ransom.
With ransomware attacks escalated into data breaches, companies must disclose the breach to their employees and clients, so they are aware of the potential risks and act accordingly to protect themselves.
To read the original article: https://www.bleepingcomputer.com/news/security/avaddon-ransomware-launches-data-leak-site-to-extort-victims/