Ionut Ilascu reports:
The ALPHV ransomware operators have gotten creative with their extortion tactic and, in at least one case, created a replica of the victim’s site to publish stolen data on it.
It appears that ALPHV, also known as BlackCat ransomware, is known for testing new extortion tactics as a way to pressure and shame their victims into paying.
While these tactics may not be successful, they introduce an ever-increasing threat landscape that victims need to navigate.
Read more at Bleeping Computer.
The cloned site with a similar domain name is on the clear net, as Ilascu explains. Is this just a way to embarrass or pressure the victim more into paying, or could it be more dangerous? So far, it just seemed like a snarky way to pressure the victim, but who knows what might happen in the future?
Note: This post was edited post-publication to delete a sentence that had misinterpreted something said by Brett Callow.