If you think you have heard it all when it comes to hackers finding ways to make a buck, think again. SC Magazine reported this week that the DarkSide ransomware group is offering insider stock tips to traders before they hit a major target and the stock prices fall. The goal is to make a profit off those traders who want to sell their stock quickly before the price plummets.
As quoted by SC Magazine, a post from April 20 on the DarkSide ransomware website says:
“Now our team and partners encrypt many companies that are trading on NASDAQ and other stock exchanges. If the company refuses to pay, we are ready to provide information before the publication so that it would be possible to earn in the reduction price of shares. Write to us in ‘Contact Us’ and we will provide you with detailed information.”
Why Would Hackers Do This?
Cybercriminals look to benefit in a few different ways. First, they could easily charge traders for these stock tips, so they know precisely when to sell before the company is hit by ransomware. Second, they can profit again by extorting a ransom from the company either before or after they have affected their stock price. Third, the ransomware group could wait until the stock price is at its lowest and purchase stock low, then sell it again high after the crisis is over.
So far, this is the only gang that has used this new tactic. If it pans out, others will surely follow suit.
Brett Callow, a threat researcher at Emsisoft, says, “In recent months, ransomware groups have been looking for new ways to pressure their targets into paying, from publicizing attacks via Facebook ads to reaching out to customers and asking them to contact the breached company to insist that it take action to protect their data – in other words, that they pay the ransom.”
“Given that, it’s not at all surprising to see a group experiment with this strategy. I suspect their intention is not to obtain money from unscrupulous traders but rather to scare future victims into settling quickly in order to avoid the possibility of their stock being shorted. I doubt that the strategy will be successful or be emulated by other groups, but time will tell.”
Why it Won’t Work
Some stock insiders/threat analysts say that this technique won’t work for hackers, and it will all wash out in the end. They also implied that traders most likely won’t trust any hacker groups or believe that the stock is in danger, so that they won’t pay up.
Evidence has shown that interactions with hacker groups rarely yield any profit for anyone other than themselves, and they just plain can’t be trusted. Barely anything they put out there is the actual truth. A trader would be nuts to take it at face value and pay for that kind of information, especially risking his or her own freedom in the process.
If anything, threat assessors claim that the company’s credit rating and finances will be affected more than any stock prices. Not that the stock market isn’t affected by wide swings, but a lot of it is based on misinformation rather than fact. An actual data breach can have far-reaching consequences.
Although no one knows who the DarkSide group is, this is not the first time it has shown its odd side. In 2020, the group donated some of its profits (from extortion) to charitable companies. It is doubtful that this will be the last oddity we hear about from the Darkside.