The threat actors behind a ransomware strain called „HardBit“ were recently seen asking victims to provide them with their insurance details. This is so they can tailor their demand within the policy.
A new version of a ransomware strain called „HardBit“ was recently seen not only encrypting victims‘ files, but also negotiating a ransom demand by asking for a victim’s cybersecurity insurance details.
HardBit was first observed in the wild back in October 2022 and was updated to version 2.0 by the end of November, according to data security and analytics company Varonis. This is the version currently making the rounds on the internet.
HardBit claims to steal sensitive data from its victims and leak them unless a ransom is paid. However, HardBit doesn’t appear to have a data leak site where the stolen data is dumped. It is also reportedly not using the double extortion tactic where the ransomware’s creators name and shame the victim and threaten them with the exposure of their confidential data.
Start
United States
USA — software 'HardBit' ransomware asks victims to provide insurance details to identify ransom demand