“While other ransomware families previously discussed how to leverage the effect of a publicly disclosed cyber attack on the stock market, they have never made it their official attack vector,” Dmitry Smilyanets, threat intel analyst at Recorded Future, told The Record today. “DarkSide becomes the first ransomware variant to make it formal.” However, the announcement also serves as an indirect method to threaten hacked companies that not paying the ransom demand could result in negative press large enough to impact their market listings and enough to push some victims into paying the asked ransom.
The operators of the Darkside ransomware are expanding their extortion tactics with a new technique aimed at companies that are listed on NASDAQ or other stock exchanges. From a report: In a message posted on their dark web portal, the Darkside crew said it is willing to notify crooked market traders in advance so they can short a company’s stock price before they list its name on their website as a victim. The Darkside crew believes that the negative impact of having a traded company’s name listed on its website would be enough to cause its stock price to fall and for a crooked trader to make a profit.