A prolific ransomware group that targets organisations around the world looks for sensitive info and files that suggest its victims are aware of illegal activity, with the aim of exploiting this as additional leverage in their hunt to make money from ransom payments.
The Mespinoza ransomware group – also known as PYSA – demands millions of dollars in exchange for a decryption key and threatens to publish private information stolen from the compromised network if the victims don’t pay.