The bad actors behind DoppelPaymer ransomware have begun publicly posting stolen files to further extort and shame non-paying victims.
BleepingComputer reports:
The operators of the DoppelPaymer Ransomware have launched a site that they will use to shame victims who do not pay a ransom and to publish any files that were stolen before computers were encrypted.
A new extortion method started by the Maze Ransomware is to steal files before encrypting them and then use them as leverage to get victims to pay the ransom.
If a ransom is not paid, then the ransomware operators release the stolen files on a public 'news' site to expose the victim to government fines, lawsuits, and the risk of the attack being classified as a data breach.
Soon after starting this tactic, other ransomware families including Sodinokibi, Nemty, and DoppelPaymer have stated that they would begin this practice as well.