Bleeping Computer talks about the unusual activity of the underground marketplace Marketo, which specializes in the sale of stolen information. The administration of the resource sends letters to the competitors of the affected companies, offering to buy the stolen information.
Marketo is a relatively new resource that appeared this spring. Back in May, the owner of the marketplace began to contact the media and cybersecurity researchers to promote his website. “We are introducing the new marketplace Marketo, which will soon become the best place to find, buy and sell any information about any company,” wrote the administrator.
When reporters asked a Marketo representative where the administration of the trading platform takes information from (whether it steals it itself or receives it from other hack groups), they said that “this is just a trading platform for people who have information to sell, we do not hack companies.”
Now it is reported now that the administration of the marketplace has begun to contact the competitors of the affected companies (whose data can be purchased on Marketo), offering them samples of information and offering to buy them.
For example, in April of this year, a statement appeared on Marketo about the hacking of a large company working in the field of heavy engineering and defense technologies. It seems that buyers for this information could not be found, and representatives of Marketo began to send letters to the victim’s competitors in order to offer them a “demo package” of the stolen data. The list of competitors that received such messages includes unnamed billion-dollar international companies whose names, according to journalists, are familiar to everyone.
“Hello, we are Marketo and we know that you have a competitor – Komatsu. Therefore, we would like to inform you that we attacked them and downloaded quite a lot of data. We have confidential and personal data, information about their tax payments, clients and partners. This can seriously reduce the NASDAQ price”.
In general, trying to attract the attention of competitors is not a new tactic for ransomware. For example, when the Clop hack group hacked vulnerable Accellion FTA devices to steal data, the attackers did the same: the group notified victims and journalists about their attacks and theft of information to the victims and journalists in order to put pressure on their victims.