Hackers Behind Ragnar Locker Ransomware Threaten to Leak Stolen Data If Victims Inform FBI/Police

The Ragnar Locker ransomware gang is adopting a new technique to force victims to pay the ransom: the operators are threatening to leak the stolen data.

After this, the group introduced a new strategy in which they will request help from data recovery experts and professional negotiators.

According to the report, they are encountering a large number of professional negotiators, which is not making the process easier or safer.

These negotiators mainly work on the company’s recovery, working directly with the police, investigation agencies, or the FBI. They are not interested in commercial success; they want their client’s safety and private data.

Notice
They also warn their clients that whenever they hire a recovery company for the negotiation, they will send the request to the FBI or an investigator's office. Only then will they consider the application and start working on it, but sometimes they will also work without any request, because they recognize the lie and they work on emergencies.

They want to convey to all of their clients that clients can use their help to resolve things smoothly. This type of ransomware operator is very professional, and they are not interested in any commercial success.

In the past, the Ragnar Locker gang has hit high-profile organizations such as Dassault Falcon, Japanese gaming firm Capcom, and chipmaker ADATA.

In November April 2020, they issued a flash alert to warn private industry partners about increased Ragnar Locker ransomware activity.

According to the report, the following measures mitigate the threat:

  1. Keep data backups offline.
  2. Make sure that every copy of critical data is stored on an external drive. Not everyone should have access to it.
  3. Everyone should use a secure network by installing a VPN.
  4. Make sure anti-virus and anti-malware solutions are set to automatically update and run regular scans.
  5. Secure your backups. Make sure they are not connected to the computers and networks they are backing up.

Guru Baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
