Ragnar Locker’s Facebook Ad Stunt a Harbinger of New Approaches
The gang behind the Ragnar Locker ransomware posted an ad on Facebook in an attempt to publicly shame a victim so it would pay a ransom. Security experts say the innovative tactic is indicative of things to come.
Earlier this week, the cyber gang hacked into a random company’s Facebook advertising account and then used it to buy an ad containing a press release stating Ragnar Locker had breached the Italian liquor company Campari and demanded it pay the ransom or see its data released. The security firm Emsisoft provided an image of the ad to Information Security Media Group.
“What we’re seeing right now is the rise of ransomware 2.0,” says Dmitry Bestuzhev, a researcher at the security firm Kaspersky. “By that I mean, attacks are becoming highly targeted and the focus isn’t just on encryption; instead, the extortion process is based around publishing confidential data online.”
Start of a Trend?
Security experts say ransomware gangs increasingly will try new stunts to force their targets to pay up.
“I’ve not seen a play like this before, but it’s not at all surprising. Ransomware groups push out press releases and do media outreach, so this was a logical extension,” says Brett Callow, threat analyst with Emsisoft.
Chris Hauk, consumer privacy champion at Pixel Privacy, says “Facebook…