Data Leak Detected by AhnLab EDR (vs. Ransomware Threat Actors)

Ransomware threat actors have been extorting money after taking control over organizations’ internal networks, distributing ransomware, encrypting systems, and holding system restoration for ransom. Recently, however, threat actors not only encrypts the systems but also leaks internal data and threatens to expose them publicly if the ransom is not paid.

Usually, these threat actors collect data, compress them, and leak them publicly. In such processes, threat actors utilize many legitimate utility programs. These programs already allow stable transfer of large-sized …

ahnlab control data data leak edr expose internal leak leaks malware analysis money networks organizations paid ransom ransomware restoration system system restoration systems threat threat actors