
Doxware – A Ransomware Evolved

Ransomware has changed how it operates. Besides holding computers hostage and encrypting files, attackers now put the privacy of photos, files and conversations into the equation.

Basically, ransomware breaches systems via email, encrypts and locks files, and holds them for ransom under a payment scheme. Its operators have raked in a hefty amount of money over the years.

Companies with comprehensive backups avoid paying the ransoms: they simply wipe their systems clean and go about their everyday routine. Because of this ransom avoidance, cybercriminals modified their code to be more potent. This is where Doxware comes in: it combines ransomware with the threat of leaking sensitive data if the ransom is not paid.

The hackers basically have you pushed against the wall. They hold the computers hostage until payment has been made, which is the ransomware aspect. The data leak follows unless the ransom is paid. This is extortion: they threaten to release conversations, pictures, files and anything of value inside the computer to the public, and the double-edged attack makes it a lot more profitable.

Sony Pictures was the victim of an email phishing malware attack in 2014 that released private conversations between top producers and executives discussing employees, actors, industry competitors, and future film plans, among other sensitive topics.

Recent ransomware victims include the healthcare industry. MedStar Health suffered a major attack in 2016 that affected 10 hospitals and more than 250 outpatient centers.

Doxware requires strategic, end-to-end planning, which means hackers will target their victims more deliberately. Therefore, malicious players will be more intentional in whom they attack, giving corporate leaders, politicians, celebrities, and other public figures cause for concern.

Looking at the data leaked from Sony, it’s easy to imagine the catastrophic effect Doxware would have on an executive of any major corporation. Company leaders hold countless conversations over email each day on sensitive topics ranging from product development to competition to internal politics, and if there’s a Doxware attack, the fallout could be extensive.

Although the technology behind Doxware is relatively new and is currently limited to Windows computers, it will eventually evolve.

It might transition to infiltrate Mac computers, Linux, and even mobile devices, and will become much more pervasive, with all the text messages, photos, and data from apps at risk of leaking to the public, or possibly to competitors or the highest bidders for the sensitive information. What a nightmare it can become.

Doxware can potentially target a wider range of files, since emails are a prime target for hackers. Internal communications and instant messaging that run within a company would certainly be targets as well.

The messaging network often serves as a platform where both sensitive business discussion and casual conversations take place, potentially exposing both company secrets and personally embarrassing exchanges.

Doxware is in its infancy and still developing, but two of its variants have already been spotted in action by the Malware Hunter Team, whose Cyber Tracker website monitors phishing sites, botnet control sites, and malware distribution. One of these variants holds files ransom with the threat of release and then steals the victim’s passwords.

Another mutation, Popcorn Time, takes Doxware even further, giving victims the option to infect two of their friends with the malware instead of paying the ransom. The attacks give a glimpse of what could come from this damaging new ransomware mutation, and the reality is frightening.

We do not know how this Doxware threat will develop from here, but it might evolve to broaden what it can infect, so it is strongly advised that companies and individuals always keep data security a top priority.
