Select Page

Cybercriminals Want to Short Their Victim’s Stock Price

Cybercriminals are going after the stock price of their victims. A ransomware gang has been targeting companies and demanding ransom in Bitcoin. If they don’t get paid, they’re threatening to short the stock price with a pump-and-dump scheme.

The ransomware attack is not only a cyber-crime but also an investment strategy. After all, the investors who wanted to make money by shorting stocks could use this ransomware attack as an opportunity to profit.

The ransomware gang has used various techniques to extort money from their victims, but cybercriminals are always looking for new ways to use technology against unsuspecting people.

The Darkside ransomware operators have a new tactic to extort companies: by shorting their stock price. The gang says it will notify crooked market traders to short the stock prices of its victims. This is done through a pump-and-dump scheme in which cybercriminals artificially inflate stocks and then sell them at a profit.

The Darkside crew believes that if it could list the traded company’s name on its website, its stock price would fall and make it easier for a crooked trader to profit.

Dmitriy Smilyanets, a threat intelligence analyst from Recorded Future told The Record “while other ransomware families previously discussed how to leverage the effect of a publicly disclosed cyber attack on the stock market, they have never made it their official attack vector.”

“DarkSide becomes the first ransomware variant to make it formal.”

The announcement also functions as an indirect threat to companies hacked by the group, warning that deferment of ransom payments could lead to negative press damaging enough to impact their market listings and ultimately convincing some victim enterprises into paying the asked ransom upfront.

This strategy is just one of the long lists that malware gangsters have used to scare victims into paying the ransom.

Ransomware gangs typically deploy other tactics once they learn that their target company has no intention of paying the ransom. When their original ransom demand is declined, ransomware gangs use additional tactics to pressure victims.

“We have anecdotal evidence that fewer people are paying ransom, which means ransomware actors have to find new ways to extort money from victims,” Allan Liska, a security researcher at Recorded Future with experience in the area of ransomware landscapes observed this trend.

However, there are some challenges that this new extortion technique may not be able to overcome. One of these challenges is the damage done by past ransomware attacks – none of them seemed severe enough to disrupt a company’s long-term performance on the stock market.

Thankfully there are some easy ways for businesses to protect themselves against these attacks and recover quickly if they do fall victim. 

  • Maintaining up-to-date antivirus software on all devices connected to company networks will prevent many attacks like ransomware.
  • Set strong passwords with different levels of protection, so attackers have more difficulty guessing them or even using brute force tactics while trying every password combination available until one works (this is a very lengthy process).
  • Another common tactic for preventing ransomware attacks is backing up data, so if this type of attack does happen, there will be no loss of critical information because everything has been saved elsewhere digitally.
  • Employees must receive regular cybersecurity training to help them understand the risks and how to avoid becoming victims.

These measures won’t stop ransomware from happening altogether, but they can significantly reduce the chances of an attack while keeping company networks safe for users.

Are you confident that the systems you have in place are configured correctly to detect and respond against a ransomware attack?


Cymulate’s Immediate Threat Intelligence vector is designed to inform and evaluate your organization’s security posture as quickly as possible against the latest cyber-attacks. The Cymulate Research Lab created the simulation that catches and analyzes threats immediately after cybercriminals and malicious hackers launch them.

By running this breach and attack simulation, you can validate within a short time if your organization would be vulnerable to these latest threats and take measures before an attack takes place.

ChatFortress has created the Business Cybersecurity System to help protect companies big and small. The Business Cybersecurity System provides you with full protection based on your needs and business goals.

About ChatFortress:


ChatFortress is a leading cybersecurity company helping business owners protect their assets from cybercriminals. ChatFortress is the creator of the Cybersecurity Report Card, the only external security assessment that validates 3rd party risk. We provide companies with access to the latest technologies, social engineering and human behavioral strategies, and user education to create a proactive cybersecurity culture. Helping you fortify your business against cyberattacks.