Data shredder discovered in ransomware
Recently, an expert analyzed ransomware attributed to the BlackCat or ALPHV group. In addition to interesting SFTP functions, an implemented data destruction function was also discovered there. Could this be a clue to the future of data extortion? With ransomware-as-a-service (RaaS) and data leaks (DLS), the data extortion landscape is constantly seeing new innovations from threat actors, as well as acronyms from the security firms that track them. In this joint report, Cyderes and Stairwell examine evidence of a new tactic found in a BlackCat/ALPHV participant's exfiltration tool discovered during an investigation by Cyderes. Ransomware investigation in detail After a…