The leak site strategy is being used by the cybercriminal underground. This enables ransomware groups to implement a double extortion attack.
The Advantech hackers release the malware, in this case, Conti ransomware then demands a ransom to keep the data private. They also want to be paid for the key to restore the data that they have encrypted throughout the company’s system.
As proof of the capability to restore the data, Conti ransomware operators are willing to decrypt two of the encrypted files.
This is known as a hacker gang’s one-two punch or double extortion demand.
Conti ransomware is an evolving threat
The Conti ransomware gang claims they will remove any backdoors from Advantech’s network and completely remove all stolen data from the hacker’s system. But they threaten to leak all the data and leave the firm with a corrupted server if they do not receive ransom payment.
The hacker gang also brazenly announced that they will be happy to provide security tips on how to secure the company network so it will be immune to all future ransomware infections.
