Cyber-security companies are warning about the rise of so-called ‘extortionware’ where hackers embarrass victims into paying a ransom.

Hacked firm’s IT Manager named and shamed by hackers in extortion technique.

But the site’s cybersecurity measures appear to be lacking.

Several other Nifty Gateway users reported that their accounts had been hacked. “My entire account was just hacked and the person who got in wasn’t even booted after changing my password?!” one user wrote in a tweet.

According to a Nifty spokesperson who spoke to Motherboard, the company was aware of the fraudulent activity. The company claims the affected users didn’t have two-factor authentication turned on and that “access was obtained via valid account credentials.”

Cybersecurity researchers have unwrapped an “interesting email campaign” undertaken by a threat actor that has taken to distributing a new malware written in Nim programming language.

Dubbed “NimzaLoader” by Proofpoint researchers, the development marks one of the rare instances of Nim malware discovered in the threat landscape.

“Malware developers may choose to use a rare programming language to avoid detection, as reverse engineers may not be familiar with Nim’s implementation, or focused on developing detection for it, and therefore tools and sandboxes may struggle to analyze samples of it,” the researchers said.

It didn’t take long. Intelligence agencies and cybersecurity researchers had been warning that unpatched Exchange Servers could open the pathway for ransomware infections in the wake of swift escalation of the attacks since last week.

Now it appears that threat actors have caught up.

According to the latest reports, cybercriminals are leveraging the heavily exploited ProxyLogon Exchange Server flaws to install a new strain of ransomware called “DearCry.”