Lorenz ransomware crew bungles blackmail blueprint by leaking two years of contacts


Over the last two years, the Lorenz ransomware organization released the personal information of everyone who contacted them via its online contact form. When a security researcher discovered Lorenz’s dark web victim blog was leaking backend code, he extracted the information and uploaded it to a public GitHub repository.

The Register contacted a selection of the persons involved in the incident, and they all verified they had contacted Lorenz in the previous two years. The data entries in the leak begin on June 3, 2021 and terminate on September 17, 2023, the date the contact form broke. According to security firm Cybereason, the Lorenz group was first noticed in February 2021, therefore the exposed data virtually encompasses the entire period.

Read More…