Emsisoft Blog: Ransomware group ups pressure on victims with new extortion tactic


Level 63
Thread author
Honorary Member
Top poster
Content Creator
Apr 24, 2016
The Alphv ransomware group, also known as BlackCat, has come up with an innovative new strategy to put additional pressure on victims. First, to provide some background, Alphv is a rebrand of the BlackMatter operation which was itself a rebrand of Darkside, the ransomware used in the attack on Colonial Pipeline.

Ransomware gangs used to simply encrypt their targets’ systems, however, that changed in 2019 when the Maze group began to also steal a copy of the data, using the threat of releasing it online as additional leverage to extort payment. Since then, gangs have A/B tested multiple other tactics to pressure victims, including DDoS attacks, press outreach and publicizing breaches via Facebook ads. Now, Alphv has taken it a step further.

On 14th June 2022, the group released details of an attack on a hotel in which they claim 112GB of data was stolen. They also created a website that enables the hotel’s employees and guests to check whether their information was among that which was stolen.