Skip to main content

Sodinokibi ransomware data available for purchase on hacking forum

(Image credit: Image Credit: WK1003Mike / Shutterstock )

Ransomware threats are evolving - hackers are now harvesting data that before they might only encrypt, to use as leverage over companies that refuse to pay ransom fees.

According to Bleeping Computer, cybersecurity firm Cyble has discovered data stolen from Brooks International by ransomware operators Sodinokibi available for purchase on a public hacking forum. 

The company had refused to pay the ransom fee, which drove Sodinokibi to list the stolen 12GB dataset - said to contain credit card information and log in credentials - for a fee of around $2.15.

According to cybersecurity experts, ransomware operators spend up to three days  mapping an infected networking and gathering information about connected devices.

During this "dwell time", valuable data is identified and downloaded to a third-party server and the information encrypted, preventing access by the network owner.

If the company refuses to pay the ransom fee, criminals threaten to release the harvested data online, placing the company at risk of financial penalties and reputational damage.