The Ragnar Locker ransom gang, the cybercriminal group behind a series of costly ransomware attacks against companies, is warning victims not to seek help from law enforcement agencies.
The group also warned victims that they should also not work with companies that specialize in helping companies negotiate with cybercriminals after ransomware attacks, and posted a statement on its dark web site saying it would punish any "customers" who violated the requirements by immediately releasing their stolen data.
Ragnar Locker's warning:
Dear clients if you want to resolve all issues smoothly, don’t ask the Police to do this for you. We will find out and punish with all our effort.
Here is the full text of what Ragnar Locker said:
In our practice we has facing with the professional negotiators much more often in last days. Unfortunately it’s not making the process easier or safer, on the contrary it’s actually makes all even worse. Such negotiator are usually working in recovery-companies affiliated or even working directly in Police/FBI/investigation agency and etc. They are totally not interested in commercial success of their clients or in safety of theirs private data.
So from this moment we warn all our clients, if you will hire any recovery company for negotiations or if you will send requests to the Police/FBI/Investigators, we will consider this as a hostile intent and we will initiate the publication of whole compromised Data immediately. Don’t think please that any negotiators will be able to deceive us, we have enough experience and many ways to recognize such a lie. Dear clients if you want to resolve all issues smoothly, don’t ask the Police to do this for you. We will find out and punish with all our efforts.
The Ragnar Locker gang tells its victims not to go to ransomware recovery companies and police for one reason - it fears it will hurt business.
The ransomware gang isn't keen on talking to anyone who successfully manages to delicately negotiate a smaller ransom payment, or worse, help a business recover its data without paying any ransom at all - not to mention drawing more interest in the gang from law enforcement organizations like the FBI.
Ransomware gangs would prefer that you just talk to them and not have the police and others come in to assist. The question is - when your company is under attack by RagnarLocker, do you let them decide the rules?
Past victims of the RagnarLocker ransomware include gaming company Capcom, beverage company Campari and Taiwanese memory and storage manufacturer ADATA.