Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

Global Accelerated Learning • Est. 1999
Glossary Term Double Extortion Ransomware

Training Camp • Cybersecurity Glossary

What is Double Extortion Ransomware?

Double extortion ransomware both encrypts and steals data, threatening to leak the stolen files unless paid, pressuring even victims with good backups.

Glossary > Threats, Malware & Attacks > Double Extortion Ransomware

Understanding Double Extortion Ransomware

Double extortion ransomware is an attack technique in which threat actors both encrypt a victim's data and exfiltrate a copy of it before encryption, then threaten to publish or sell the stolen data unless a ransom is paid. This adds a second source of leverage so that even organizations with reliable backups face pressure, because restoring systems does not prevent the public leak of sensitive information. The tactic became widespread around 2019-2020 and is now standard among major ransomware-as-a-service groups.

Learn More About Double Extortion Ransomware:

Ready to Get Certified?

Double Extortion Ransomware is one of the topics you'll master in the CEH Boot Camp.

CEH Boot Camp →