HardBit ransomware demands ransom based on insurance cover


All these days we have read about ransomware spreading groups stealing data and then threatening to release it online, if the victim fails to pay heed to their demands. But now a new file encrypting malware variant has emerged onto the block that demands ransom, based on the insurance cover.

HardBit 2.0 ransomware does so during negotiations and tries to find the exact amount to be covered with the cyber insurance and then demands ransom.

From Cyber Insurance POV, this seems like a scam stuck between the victim and those spreading the malware…. isn’t it?

Now, going with the details available to our Cybersecurity Insiders, the said group of criminals are spreading the said 2.0 version since November 2022 and the new version is being circulating on the internet from the Valentine’s day of this year.

Varonis, the information security analysis firm, discovered this in its survey and concluded that the said ransomware spreading gang is yet to host a data leak website, that hosts ransom details as soon as the victim fails to pay the demanded sum in BTC.

Information is out that the group demands virtual currency as Bitcoins, i.e., BTC, and has the potential to disable Windows Defender real time analytics and antagonize its file protection services.

Contrarily to other hacking groups, instead of writing encrypted data to the files and wiping off the original, HardBit overwrites the data with encrypted information- thus complicating the recovery process/s.


Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display