Ransomware Crew Threatens Snowden With Leaks In Extortion Reboot.
The Organization Deviated From The Plan When It Started Threatening The Group And Outlining The Possible Repercussions The Victim Would Encounter, Even Though At First It Followed Traditional Ransomware TTPs Before Requesting The Ransom.

A threat group called Ox Thief recently threatened to contact Edward Snowden, a former NSA intelligence contractor who turned whistleblower after he released classified details about international surveillance operations in 2023, in an attempt to persuade its victim to pay to secure its data. But this strategy wasn't how Ox Thief started. The threat actor initially stated on its Tor-based website that it had taken 47GB of private data from a company, according to Fortra's study.
Using traditional ransomware extortion techniques, it first provided samples of the stolen data so the victim could confirm the veracity of the group's claims before threatening to publish the material if the victim failed to pay the desired ransom. However, when the threat actor started writing about the repercussions the victim would face if the ransom wasn't paid, things started to go wrong. These include fines, class-action lawsuits, reputational harm, jail time for data leak culpability, and incident response expenses.
Additionally, if the ransom demand wasn't fulfilled, it threatened to get in touch with journalist Brian Krebs, Troy Hunt of HaveIBeenPwned, the Electronic Frontier Foundation (EFF), the European Center for Digital Rights privacy group NOYB, and, lastly, Edward Snowden, who is now a naturalized Russian citizen.
The action might reveal the crew's potential financial necessity and desperation. Nick Oram, senior manager of Fortra's domain and dark web monitoring services, stated that "the group is trying to reframe the cost-benefit analysis of paying versus resisting extortion" by clearly stating possible fines, class-action lawsuits, and regulatory penalties.