
This tricky ransomware uses your insurance company against you

Cybercriminals have a new twist on ransomware that takes a strange turn. They infect victims’ devices with HardBit 2.0 malware that encrypts critical files. To get access back to those files, you must pay a fee. Here’s the twist. They try getting information from you that would make your insurance company pay the ransom.

Read on for details on this tricky scheme and ways to stay protected.

What is HardBit 2.0?

HardBit 2.0 is ransomware designed to infiltrate your computer or smartphone and encrypt any valuable data it finds. Then, you’re given a choice: pay a hefty ransom or lose access to your files. 

This new scheme takes an unexpected turn. The crooks use cybercrime insurance as a means to an end. Sometimes, they dare to ask you for policy information so the ransom may be adjusted to fit your insurance plan.

Once your system is infected with the HardBit malware, it copies itself to the Startup folder and drops a plain text ransom note and an HTML application onto your desktop.

According to Techradar, the note reads, “To avoid all this and get the money on the insurance, be sure to inform us anonymously about the availability and terms of the insurance coverage, it benefits both you and us, but it does not benefit the insurance company.”

Terrifying? Absolutely, and it’s totally real.

You’re directed to the attacker’s TOX messenger account and asked to pay up, or all your important files are lost forever. If 48 hours pass without a response, the thieves threaten that the ransom demand will be doubled.

HardBit was first released in October 2022. Since then, it’s been used to target businesses and ordinary people, often through extortion, dishonesty and other diabolical tactics. The threat actors behind the endeavor threaten to lock you out of your files if the ransom isn’t met.

The following points of contact have been confirmed to be associated with the scheme:

  • alexgod5566@xyzmailpro[.]com
  • filetest@decoymail[.]net
  • filetest@onionmail[.]org
  • godgood55@tutanota[.]com

These threat actors rely mostly on tactics like intimidation. In many cases, the victims void their policy if they share insurance information, and they’re left without a decryption key if they refuse to cooperate.
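
As an added example (not from the article or from any vendor), the Python sketch below checks one Windows user profile for the traces described above: runnable files in the Startup folder, an HTML application on the desktop, and desktop text files that mention one of the listed contact addresses. The extension list, the reason labels and the sample file names are assumptions made for illustration.

```python
import re
import tempfile
from pathlib import Path

# Contact addresses listed in the article, refanged so they can be matched.
CONTACTS = ["alexgod5566@xyzmailpro.com", "filetest@decoymail.net",
            "filetest@onionmail.org", "godgood55@tutanota.com"]
# Accept both "." and the defanged "[.]" spelling, case-insensitively.
CONTACT_RE = re.compile(
    "|".join(re.escape(c).replace(r"\.", r"(?:\[\.\]|\.)") for c in CONTACTS), re.I)
# Per-user Startup folder, relative to the profile directory.
STARTUP = Path("AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup")
# Startup normally holds shortcuts (.lnk) and desktop.ini, not runnable files.
RUNNABLE = {".exe", ".scr", ".com", ".bat", ".cmd", ".hta", ".vbs", ".js", ".ps1"}

def files_in(folder):
    return sorted(p for p in folder.iterdir() if p.is_file()) if folder.is_dir() else []

def triage_profile(profile):
    """Return sorted (reason, relative path) findings for one user profile."""
    profile, hits = Path(profile), []
    for f in files_in(profile / STARTUP):
        if f.suffix.lower() in RUNNABLE:
            hits.append(("runnable-in-startup", f))
    for f in files_in(profile / "Desktop"):
        ext = f.suffix.lower()
        if ext == ".hta":
            hits.append(("hta-on-desktop", f))
        elif ext == ".txt":
            with f.open("rb") as fh:  # first 64 KiB; dropping NULs covers UTF-16 text
                head = fh.read(65536).decode("latin-1").replace("\x00", "")
            if CONTACT_RE.search(head):
                hits.append(("note-with-listed-contact", f))
    return sorted((why, p.relative_to(profile).as_posix()) for why, p in hits)

def build_sample():
    """Constructed profile tree for the demo; every file name here is invented."""
    root = Path(tempfile.mkdtemp())
    (root / STARTUP).mkdir(parents=True)
    (root / "Desktop").mkdir()
    (root / STARTUP / "updater.exe").write_bytes(b"MZ")
    (root / STARTUP / "Mail.lnk").write_bytes(b"L")
    (root / "Desktop" / "info.hta").write_text("<html></html>")
    (root / "Desktop" / "readme.txt").write_text(
        "contact godgood55@tutanota[.]com", encoding="utf-16")
    (root / "Desktop" / "todo.txt").write_text("buy milk")
    return root

if __name__ == "__main__":
    for why, path in triage_profile(build_sample()):
        print(f"{why:26} {path}")
```

A finding is a prompt to look closer, not proof of infection: legitimate software sometimes places runnable files in Startup, and the all-users Startup folder under ProgramData is outside what this sketch checks.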

How to stay protected from ransomware

Here are steps you can take to minimize the chances of becoming a victim of cybercrime, including ransomware:

  • Continually update your computer’s operating system, your device and installed apps. Vulnerability and security patches plug holes in the system that hackers exploit.
  • Don’t click on links or attachments that you receive in unsolicited emails.
  • Use two-factor authentication (2FA) where possible. This creates an additional step for logging into your accounts and keeping your data safe.
  • Never download apps from third-party libraries. These often harbor malware, so instead, you must only download files and apps through the official channels.
  • Have trustworthy antivirus software on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan of TotalAV Internet Security for only $19. That’s over 85% off the regular price!
  • If you think (or want to check) that your email address has been exposed to hackers and sold on the Dark Web, visit the HaveIBeenPwned website. It is a quick tool to check if your details are compromised.

The best way to protect against ransomware is to back up all your essential information. That way, you are never at the mercy of ransomware attacks. Just restore your device to a secure backup, and don’t think about paying a ransom.

But you need a cloud backup service that you can trust. We recommend our sponsor, IDrive.

IDrive protects all your PC, Mac, iPhone, iPad and Android devices with just one account. Its versatile and user-friendly platform has made saving and recovering data simple for small businesses and individuals.
