Erika Totaro is an Intelligence Analyst for the Malware and Cyber Threats team at the National Cyber-Forensics and Training Alliance (NCFTA). Her areas of interest include long term malware investigations, ransomware analysis, and darkweb forum scraping. She recently graduated from Seton Hill University (Greensburg, PA) with a Bachelor of Science in Computer Science and a Bachelor of Science in Cyber Security.
In November 2019, Maze ransomware became the first ransomware variant to create a “shame site” (aka leak site, blog site) and threaten to post data stolen from a victim in an attempt to extort them into paying a ransom. Throughout 2020, several ransomware variants adopted this tactic and created their own shame sites, furthering the extortion of ransomware victims. As a result, approximately 11 percent of all ransomware attacks involve data theft. NCFTA will provide an overview of the ransomware variants currently leaking stolen data via shame sites.