The infamous Ragnar Locker ransomware gang had quit and published its decryption keys, it turns out that it’s still active and actively threatening its victims. Ragnar Locker gang is warning its victims that it will leak stolen data if they contact law enforcement authorities. The announcement was made on the Ragnar Locker dark web page this week. The threat also applies to victims contacting data recovery experts to attempt to remediate and recover their data.
Ragnar Locker is a well-known double-tap ransomware gang, so called because it both encrypts files and steals data, demanding a ransom payment for both a decryption key and a promise not to publish the stolen data. It’s also an arguably innovative ransomware gang, having previously taken to buying Facebook Inc. advertising to put pressure on its victims to pay up.
In many ransomware cases, law enforcement agencies are of little to no help for the victims being overloaded with pending cases and complex investigations. But hiring external or internal professionals to meticulously investigate the incident is crucial for all victimized companies.
As countless cases convincingly illustrate, following the instructions of ransomware gangs never guarantees that your data won’t be leaked or resold sooner or later.