If you contact the police, we *will* leak your data – warns Ragnar Locker ransomware gang

Graham Cluley
Graham Cluley
@

 @grahamcluley.com
 @[email protected]

If you contact the police, we *will* leak your data - warns Ragnar Locker ransomware gang

The Ragnar Locker group, a gang of cybercriminals behind a series of costly ransomware attacks against companies, has warned victims that they should not seek the assistance of law enforcement agencies.

The group, which also tells victims that they should also not work with firms which specialise in helping companies negotiate with cybercriminals in the wake of a ransomware attack, posted a statement on its darknet website saying that it would punish any “clients” by publishing their stolen data immediately.

So from this moment we warn all our clients, if you will hire any recovery company for negotiations or if you will send requests to the Police/FBI/Investigators, we will consider this as a hostile intent and we will initiate the publication of whole compromised Data immediately.

Ragnar locker warning

Here’s the full text of what Ragnar Locker has said (apologies for the poor grammar):

In our practice we has facing with the professional negotiators much more often in last days. Unfortunately it’s not making the process easier or safer, on the contrary it’s actually makes all even worse. Such negotiator are usually working in recovery-companies affiliated or even working directly in Police/FBI/investigation agency and etc. They are totally not interested in commercial success of their clients or in safety of theirs private data.

So from this moment we warn all our clients, if you will hire any recovery company for negotiations or if you will send requests to the Police/FBI/Investigators, we will consider this as a hostile intent and we will initiate the publication of whole compromised Data immediately. Don’t think please that any negotiators will be able to deceive us, we have enough experience and many ways to recognize such a lie. Dear clients if you want to resolve all issues smoothly, don’t ask the Police to do this for you. We will find out and punish with all our efforts.

There’s only one reason why the Ragnar Locker group would be telling its victims not to bring in ransomware recovery firms and the police – it’s worried that it’s hurting business.

Ransomware gangs aren’t keen on anyone successfully managing to skillfully negotiate a smaller ransom payment, or worse yet help a business recover its data without paying any ransom at all – let alone stirring more interest in the group from law enforcement groups such as the FBI.

Sign up to our free newsletter.
Security news, advice, and tips.

The ransomware gangs would much rather you only spoke to them, and that the police and others were not brought in to assist.

The question is – when your company gets hit by Ragnar Locker, are you going to let them determine the rules or not?

Past victims of the Ragnar Locker ransomware include the gaming company Capcom, drinks firm Campari, and Taiwanese memory and storage manufacturer ADATA.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky, Mastodon, and Threads, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.