New RansomHouse extortion group: The victims are to blame!


A new player has appeared in the cyber extortion arena – the RansomHouse group. It is noteworthy that she does not use any ransomware, but hacks the networks of organizations through known vulnerabilities and steals data.

The group itself does not take any responsibility for its actions and accuses the affected organizations of not providing proper protection to their networks and offering “ridiculously small” rewards under bug bounty programs.

“We believe that those who discovered the vulnerability and carried out the hacking are not to blame, but those who did not take care of security. Those who did not hang a lock on the door are to blame, but left it wide open, inviting everyone,” the About Us section of the RansomHouse website says.

The RansomHouse group allegedly began its activities in December 2021 with an attack on the Saskatchewan Liquor and Gaming Authority (SLGA), which is now present in the list of victims on the group’s website.

The site itself was launched this month, and in addition to SLGA, three other organizations appear on the list of victims. The last to be added was a German airlines contractor allegedly attacked last week.

It is noteworthy that RansomHouse also publishes links to social media posts on the site for victims with whom negotiations are still underway to pay a ransom. Obviously, in this way, the extortionists emphasize the publicity of their attacks and hope that this will make the victims more compliant.

If the victim refuses to pay the ransom, her data is sold to other cybercriminals. In the absence of interested buyers, the group publishes the stolen information on its website.

Where RansomHouse came from is unknown. However, according to Cyberint information security specialists, the group communicates very politely with other representatives of the cybercrime community and does not get into disputes. In addition, she stated that she adheres to liberal views and will not cooperate with radical hacktivists or spy groups. In this regard, experts concluded that disappointed penetration testers are behind the RansomHouse project, dissatisfied with bug bounty’s too low remuneration and poor cybersecurity practices.

Start a discussion …