The BlackCat ransomware gang has begun abusing upcoming US Securities and Exchange Commission (SEC) cyber incident reporting rules to put pressure on organizations that refuse to negotiate ransom payments. The attackers filed an SEC complaint against one victim already, in a move that’s likely to become a common practice once the new regulations go into effect in mid-December.
On Wednesday, cybercriminals behind the BlackCat ransomware, also known as ALPHV, listed MeridianLink, a provider of digital lending solutions to financial institutions, on its data leak website that’s used to publicly name and shame companies the group allegedly compromised. Most ransomware gangs have adopted this double extortion tactic in recent years to force the hand of uncooperating victims by threatening to sell or release data the attackers managed to steal.
In fact, some cybercriminal groups don’t even bother deploying file encrypting malware sometimes and go straight to data leak blackmail. This seems to have been the case with BlackCat and MeridianLink, according to DataBreaches.net who reported speaking with the attackers. The breach reportedly happened on November 7 and only…
