The ransomware group BlackMatter has developed a custom data exfiltration tool, dubbed Exmatter, that allows operators to easily target data of value, suggesting that they are looking to make their attacks faster.
<p dir=\"ltr\">It’s not surprising that they are focusing specifically on extracting data, given these are ultimately the crown jewels of any organization from customer data to trade secrets and employee information. Any data that can be used for extortion is fair game and so it makes sense to focus on this from the attacker’s perspective. The approach is not really new though – most ransomware uses some form of exfiltration already, they just use different approaches to do this. This particular example is exfiltrating the data before putting up a paywall, which is a different sequence than we typically see. I am not sure I would say it is more dangerous than any others though, just a slightly different approach. </p>
<p dir=\"ltr\">The lack of repercussions and danger associated with ransomware continues to attract new entrants on a daily basis. There are virtually no barriers to entry and it is very easy to work with many of these gangs and utilize their technologies, so the attacks will only continue to grow.</p>
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics