The DemonWare ransomware group is attempting to bribe employees at target businesses to install ransomware on their employers’ networks, according to Abnormal Security.
The attempted digital bribes vow to pay company insiders $1 million in bitcoin — or 40 percent of the presumed $2.5 million ransom — if they install the malware on employers’ networks, Abnormal Security says.
The good news in all this? Abnormal Security identified and blocked multiple accomplice-for-hire emails sent to customers on August 12, the e-mail security company says.
How DemonWare Discusses Proposed Attacks With Company Insiders
To find potential accomplices within target companies, the threat actor apparently collected employee contact information from LinkedIn.
Leveraging email, the external attacker provided target employees two contact methods — an Outlook email account and a Telegram usernames — to discuss proposed attacks and payment methods, Abnormal Security says.