Gandalf_The_Grey
Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
- Apr 24, 2016
- 6,505
Yet another data-extortion cybercrime operation has appeared on the darknet named 'RansomHouse' where threat actors publish evidence of stolen files and leak data of organizations that refuse to make a ransom payment.
The new operation claims not to use any ransomware and instead focuses on breaching networks through alleged vulnerabilities to steal a target's data.
However, they do not take responsibility for their actions. Instead, they blame the companies for not properly securing their network and for "ridiculously small" bug bounty rewards offered for vulnerability disclosures.
"We believe that the culprits are not the ones who found the vulnerability or carried out the hack, but those who did not take proper care of security. The culprits are those who did not put a lock on the door leaving it wide open inviting everyone in," the RansomHouse threat actors write on their 'about us' page.
"People are inherently curious and are eager to learn the object of their interest. Usually corporations respond to the message that their "doors are wide open" in negative context, direct threats or silence. In rare cases one could meet gratitude and ridiculously small payments that do not cover even 5% of an enthusiast's efforts."