Ransomware group searches victims for information about cyber insurance

The criminals behind the Conti ransomware actively search victims for information about insurance policies in order to determine the amount of the ransom. That says security company Advanced Intel in an analysis. After the attackers gain access to the network, they specifically search for information about insurance, accounting, and financial documents.

According to researcher Vitali Kremez, this information is then used to determine the ransom. Recently, several instruction manuals from the Conti ransomware group appeared on the Internet. It also recommends looking for documents with certain keywords, including cyber insurance, security policies, and bank statements.

For some time now, there has been criticism of insurance companies that cover the ransom of ransomware victims through cyber insurance. According to critics, this would lead to an increase in ransomware attacks and a higher ransom demand.

Previous Post Next Post