The cybercrime group, which joined the conservative-leaning website on Jan. 11, has already posted the name of one medical equipment company that it claims to have hacked.
The discovery was made this week by Brett Callow, a threat analyst with the cybersecurity firm Emsisoft.
Ransomware groups work by infecting and encrypting the contents of a computer network before demanding a ransom to return the data. If a victim refuses to pay, the group will often resort to publishing the victim’s data online.
The Daily Dot was able to locate the Parler profile in question but is declining to name the group to avoid pressuring the company into giving into the ransomware group’s demands. Callow says he came across a link to the profile in a ransom note sent by the gang to one of its victims.
While ransomware gangs most often use the dark web to avoid having their websites and hacked data censored, Emsisoft noted last month that some groups have begun using social media in order “to bring news of their conquests to a wider audience and put more pressure on victims to pay the ransom.”
“It’s easy for ransomware victims to be lethargic when a data leak is confined to an obscure Tor website that the average Joe will never see,” the company noted. “It’s a different story when that same stolen sensitive data is being publicly discussed and shared on mainstream social media platforms.”
In fact, the ransomware group now operating on Parler had previously ran accounts on Twitter and Tumblr. Both accounts would later be removed.
Callow told the Daily Dot, however, that he believes this is the first time a ransomware group has decided to use Parler.
“Social media platforms are useful tools for cybercriminals as they enable stolen data to be easily shared,” Callow said. “And, of course, the prospect of having their data shared on Twitter, Tumblr, or Parler probably concerns companies more than the prospect of it being shared on an obscure site.”
The Daily Dot reached out to Parler, which touts itself as an anti-censorship platform, to inquire about its policies regarding cybercrime but did not receive a response by press time.
Callow further argued that the issue could become worse in the future if social media companies fail to take action.
“While victims can request that platforms remove hacked data or links to hacked data, the process is not necessarily speedy,” Callow said. “If social media companies want to avoid their platforms being used for extortion, they need to address this problem.”
Ransomware gangs made headlines in 2021 for numerous high-profile attacks, including one against Colonial Pipeline. The attack resulted in a run on gasoline and later fuel shortages along the East Coast.