The HardBit ransomware group has allegedly offered to set ransom demands based on victims’ cyberinsurance coverage. The ransomware emerged in October 2022, and security researchers state that the threat actors behind the malware launched version 2.0 a month later, in November 2022. Organizations who have been targeted by HardBit ransomware typically have their files encrypted. It is likely that the organization’s main motivation is to steal victim’s data, however, security researchers have not identified a live website where the group leaks data and names their targets.

Additionally, security researchers state that the group does not specify a ransom price in the notes it drops on compromised systems. Instead, the company is told to contact the hackers via email or an instant messaging platform hosted on Tor. When a victim has cyberinsurance, the hackers ask them to provide details so they can set the ransom amount accordingly. Security researchers report that the group has stated it does not want to demand more than the policy allows, but they also do not want to receive a low amount.

Read More: HardBit Ransomware Offers to Set Ransom Based on Victim’s Cyberinsurance