There’s Evidence That Ransomware Groups Are Forming Extortion Cartels

  • “MountLocker” has gotten a stolen data dump belonging to Dassault from “Ragnar Locker.”
  • This constitutes evidence of ransomware groups forming extortion cartels, raising the heat of their victims.
  • There have been indications about collaborations and affiliations in the past, and this incident comes as proof.

Ransomware group “MountLocker” is now touting 5% of the data dump originally stolen by “Ragnar Locker” during a cyberattack against ‘Dassault Falcon.’ As the hackers claim, the listing is from one of their partners, which is a clear indication that ransomware gangs are now working in collaboration, forming extortion cartels and making the most out of their successful breaches.

We were tipped about this by researchers of KELA, the Israeli cyber-intelligence expert.

Source: KELA

KELA has previously explained how collaborations open up new monetization channels in detail, and this incident comes to confirm the assumptions. We had seen such signs before and talked about the dire possibility of having strong affiliations and co-ops in the field, amplifying an already extremely troublesome problem.

‘Dassault Falcon’ is an aircraft designer and manufacturer, engaging mainly in the business jet market. The firm employs over 12,000 people and has an annual revenue of about $2 billion. Ragnar Locker hit the company about ten days ago, claiming to have stolen about 10 GB of sensitive data and publishing screenshots of the accessed filesystem. In there, there are employee salary details, confidential agreements, billing activity reports, contacts, corporate correspondence, and non-disclosure agreements.

Ragnar Locker claimed that Dassault executives ignored the security breach and chose not to contact them and seek to negotiate. And so the leakage of documents started, with unknown results as to whether any ransom was paid or not.

Now, MountLocker is joining the party, ready to launch their own extortion and demand a new ransom amount from Dassault Falcon. Potentially, Ragnar Locker shared the dump freely, hoping to get something in return, either a cut from the ransom payment or a dump from MountLocker’s offensive activities in the future.

Whatever the case, this collaboration is not good news for companies dealing with ransomware threats. Also, it’s yet another compelling reason not to pay the ransom. If ransomware groups share the extortion levers with each other, what’s the point of paying them, and who’s going to guarantee when this racketeering process stops?

Latest
How to Watch Ex On The Beach UK Season 11 (2023) Online from Anywhere
Ex On The Beach UK 2023 is just around the corner, and we have all the details you may need on this...
How to Watch The Greatest Auction Online Free from Anywhere
Are you a fan of auctions? Do you get a thrill watching bidders compete for rare and valuable items worth millions of...
How to Watch Glow Up: Britain’s Next Make-Up Star Season 5 Online Free From Anywhere
Glow Up: Britain’s Next Make-Up Star has prepared new episodes that are set to air soon, and you’ll be able to stream...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari