Journalists of the edition Bleeping computer noticed that Egregor ransomware was drawing attention to its attacks by printing ransom notes on all available printers of the company.
Bleeping Computer reporters noticed that Egregor ransomware is drawing attention to its attacks by printing ransom notes on all the company's available printers.
This tactic demonstrates that ransomware operators are well aware that many companies would prefer to hide the attack even from their employees, fearing that news of the incident could affect their reputation and share price.
To make sure everyone knows about the attack, as well as to put pressure on the victims, after the attack, Egregor prints extortion notes on all available network and local printers of the victim. We talked about this ransomware tactic the last time we covered the attack on the Cencosud company, but now journalists have seen it in action.
– Irlenys (@Irlenys) November 15, 2020
As the video demonstrates above, hacker messages are printed even on cashier's checks.
The publication notes that it is not the executable file of the malware that is responsible for printing the ransom notes; for this, the attackers use a special script that, at the end of the attack, starts printing on all available printers. However, the script itself has not yet fallen into the hands of researchers.