This shows you the differences between two versions of the page.
ransomware_site_monitoring [2022/10/02 13:38] kaduuwikiadmin |
ransomware_site_monitoring [2023/05/22 20:40] (current) |
||
---|---|---|---|
Line 4: | Line 4: | ||
- | Ransomware hackers have escalated their extortion strategies by stealing files from victims before encrypting their data. These stolen files are then used as further leverage to force victims to pay. Many ransomware hackers have created data leak sites to publicly shame their victims and publish the files they stole. Here a list of sites in the dark web that list ransonwware leaks: https:// | + | Ransomware hackers have escalated their extortion strategies by stealing files from victims before encrypting their data. These stolen files are then used as further leverage to force victims to pay. Many ransomware hackers have created data leak sites to publicly shame their victims and publish the files they stole. |
+ | |||
+ | {{:: | ||
+ | |||
+ | Here a list of sites in the dark web that list ransonwware leaks: https:// | ||
+ | |||
+ | Kaduu is monitoring the following sites: | ||
+ | |||
+ | {{: | ||
+ | |||
+ | ===== Why is it useful to monitor this? ===== | ||
+ | |||
+ | One would expect that the company affected by a ransomware attack would be the first to know about it. However, there are scenarios why this should be monitored: | ||
+ | |||
+ | a) Some companies are decentralized with different subsidiaries. The flow of information to a central location does not always work. In such cases, monitoring helps to keep track of the situation, even if a remote office abroad is affected by an attack. | ||
+ | |||
+ | b) It makes sense to also include suppliers and partners in the monitoring. For example, if a partner is hit by a ransomware attack, the company itself may also be affected. In the data of the attacked company (price lists, email communication, | ||
+ | |||
+ | ===== How to query? ===== | ||
+ | |||
+ | You can simply put the company name as a search criteria: | ||
+ | |||
+ | {{:: | ||
+ | |||
+ | When you click on the results, you see which ransomware type was used and the link to the according darknet website: | ||
+ | |||
+ | {{:: | ||
+ | |||
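Review bot: In the added "How to query?" section, the instruction to "simply put the company name as a search criteria" does not match the "Why is it useful to monitor this?" section added just above it, which argues for covering subsidiaries (a) and suppliers and partners (b). State explicitly that each of those names should be searched as well, otherwise a reader who follows the query step only monitors the parent company. The wording in the same hunk also needs a pass: "Here a list of sites in the dark web that list ransonwware leaks" is carried over from the old revision with the "ransonwware" typo and a missing "is", "a search criteria" should be "a search criterion", and "the according darknet website" should read "the corresponding darknet website".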