This ransomware strain is specifically aimed at 'dirty' material of companies

Recently, the malicious agents behind Sodinokibi continue to issue a warning to share publicly the "dirty" financial secrets of hundreds of companies if they refuse to pay the ransom as required. The threat comes after more and more ransomware victims choose to recover data themselves or seek help from security organizations, making ransomware distributors unable to profit as expected.

Statistics from many security organizations show that ransomware strains in general are tending to target data against victims in case they do not accept the required ransom. In particular, the financial data of businesses is most targeted, because many businesses have 'off-line' business activities such as circumventing laws or evading taxes.

The image above captures the threat message posted on a security forum, showing attackers warning that they will sell data relating to Social Security Numbers and some 'dirty' financial documents. 'of a company to other hackers on the dark web or disclosed to authorities.

This new tactic of the attackers has made the fight against ransomware to a new level, much more difficult. While security experts advise ransomware victims not to pay ransom and seek professional help, hacking the victim's confidential data will make it impossible for them to 'seek help. 'these organizations and are forced to pay ransom to avoid legal trouble in case hackers disclose their "dirty" documents.