Hackers Increasingly Shun Encryption In Favour Of Pure Data Th...

There has been a significant rise in ransomware campaigns which do not rely on encryption as cybercriminal extortion groups shift their operations.

An increasing number of cybercriminals are relying on data theft alone to extort ransom payments out of victims, a new research paper by Symantec and Carbon Black has warned.

“Extortion-only attacks have grown immensely…In these attacks, no ransomware is deployed, the attackers simply steal data from the victim’s network and attempt to extort a ransom from victims by threatening to publish the stolen data,” said the report.

While the number of ‘traditional’ ransomware attacks has remained stable – according to Symantec, data from ransomware leak sites suggested a total of 4737 ransomware attacks during 2025, up 1% compared with 2024 – the number of encryptionless attacks has grown significantly.

Analysis of data leak sites suggests that there were almost 1500 incidents that relied on data theft alone for extortion attacks in what’s described as a “significant jump” in cyber-criminal groups leveraging the tactic. The figure for 2024 was only 28.

According to Symantec and Carbon Black, the most commonly deployed attack vectors in encryptionless ransomware campaigns are the exploitation of unpatched zero-day vulnerabilities and the leveraging of weaknesses in software supply chains.

A prominent example of this during 2025 was a series of attacks by the ShinyHunters gang which hit companies around the world, including Allianz, Qantas and Google.

ShinyHunters’ campaigns specifically targeted Salesforce instances, using social engineering and voice phishing attacks to gain access to credentials for Salesforce portals and exploiting this access to move laterally across the network. They used this access to steal data of Salesforce users and threatened to publish it if the affected company didn’t pay a ransom.

Another cybercriminal gang increasingly engaging in extortion-only attacks is Scattered Spider, although the group still deployed regular ransomware attacks – as seen in incidents targeting Marks & Spencer and The Co-op last year.

Researchers also noted that one zero-day vulnerability exploited to carry out encryptionless extortion campaigns was CVE-2025-61882, a vulnerability in Oracle E-Business Suite that allowed unauthenticated attackers to remotely execute code.

Source: InfoSecurity Magazine