Anne Bucher  |  June 7, 2022

Category: Data Breach

Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.

Close up of two computer monitors displaying a hacking software on the screens - data breach, ransom
(Photo Credit: Tima Miroshnichenko/Pexels.com)

Karakurt hacker ransom warning overview:

  • Who: Federal agencies warned consumers and businesses against paying ransoms to a cybercrime group called Karakurt.
  • Why: Karakurt allegedly breaks its promise to delete stolen data and keep incidents quiet even after its victims pay a ransom.
  • Where: The warning was issued to U.S. consumers and businesses. 

The Federal Bureau of Investigation (FBI) and other federal agencies have warned consumers and businesses against paying a data breach ransom to a ransomware crew known as Karakurt because it reportedly does not delete the stolen data or keep the incidents quiet as promised, according to an alert from the FBI, Cybersecurity and Infrastructure Security Agency, Financial Crimes Enforcement Network and the Treasury Department..

The cybercrime group typically threatens victims it will release or auction off stolen data if a ransom payment is not made within a week, the alert states.

The agencies’ joint alert states the Karakurt ransom demands have ranged from $25,000 to $13 million in Bitcoin. 

Karakurt allegedly operates dark web website with victims’ data

Some cybercrime victims say Karakurt provided evidence it deleted victims’ data, but others claim Karakurt has not lived up to its promises.

“Although Karakurt’s primary extortion leverage is a promise to delete stolen data and keep the incident confidential, some victims reported Karakurt actors did not maintain the confidentiality of victim information after a ransom was paid,” the joint alert says.

In recent months, Karakurt operated a website on the dark web that allegedly contains “several terabytes” of victims’ data. The website also threatens to “name and shame” ransomware victims who do not pay up, according to the joint alert.

Additionally, some Karakurt cybercriminals have reportedly harassed victims’ employees, clients and business partners with emails and phone calls to push their victims into paying a ransom.

Cybersecurity experts linked some Karakurt members to Conti, a ransomware group based in Russia, the alert says.

In 2020, Louisiana’s 4th Judicial Court became victim to a Conti cyberattack in which the group published nonpublic documents on the dark web. In recent years, other cyberattacks targeted private businesses, hospitals, schools and COVID-19 researchers.

In response to the increasing number of ransomware threats, the U.S. Department of Justice (DOJ) created task forces to curb the impact of these attacks, many of which are committed by cybercriminals based in jurisdictions without extradition agreements with the United States, according to the alert.

The DOJ also recently notified government attorneys it would not prosecute security researchers who access organizations’ networks in good faith to investigate security flaws.

Has your workplace been affected by a ransomware attack? Do you think cybercrime victims should pay a ransom to groups like Karakurt? Join the discussion in the comments below!


Don’t Miss Out!

Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!


Read About More Class Action Lawsuits & Class Action Settlements:

We tell you about cash you can claim EVERY WEEK! Sign up for our free newsletter.

Leave a Reply

Your email address will not be published. By submitting your comment and contact information, you agree to receive marketing emails from Top Class Actions regarding this and/or similar lawsuits or settlements, and/or to be contacted by an attorney or law firm to discuss the details of your potential case at no charge to you if you qualify. Required fields are marked *

Please note: Top Class Actions is not a settlement administrator or law firm. Top Class Actions is a legal news source that reports on class action lawsuits, class action settlements, drug injury lawsuits and product liability lawsuits. Top Class Actions does not process claims and we cannot advise you on the status of any class action settlement claim. You must contact the settlement administrator or your attorney for any updates regarding your claim status, claim form or questions about when payments are expected to be mailed out.