Browse Definitions :
Definition

doxware (extortionware)

Contributor(s): Ivy Wigmore

Doxware, also known as extortionware, is a software used for an exploit in which a hacker accesses the target's sensitive data and threatens to publish it if the victim does not meet his demands, which are typically for money. The term comes from doxing, hacker-speak that means accessing and publishing private information about an individual or an organization.

Doxware is a variation on ransomware, malware used to access the target's data and then make it impossible for the victim to access that data himself.    Ransomware has become less profitable as more organizations have realized the importance of backing up their data to prevent loss and meet compliance and data governance requirements.

Doxing usually involves researching a target, accessing the target’s data and publishing it. In contrast, doxware uses the ransomware technique of broad-scale phishing attacks. However, doxware attackers take a further step, exfiltrating the data and exploring it to find potential doxing targets. As with ransomware, the hacker typically encrypts the victim’s data and demands payment to relinquish the key, in addition to refraining from broadcasting the sensitive data.

Although the terms doxware and extortionware are used synonymously, a distinction can be made between the two. As in conventional ransom, ransomware takes a hostage (data, in the case of the malware), while extortionware threatens harm of some sort if demands are unmet. In the case of doxware, the type of harm is specified: Exposure of personal data.

This was last updated in January 2017

Continue Reading About doxware (extortionware)

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

SearchSecurity

  • GPS jamming

    GPS jamming is the process of using a frequency transmitting device to block or interfere with radio communications.

  • time-based one-time password (TOTP)

    A time-based one-time password (TOTP) is a temporary code, generated by an algorithm, for use in authenticating access to ...

  • incident response

    Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack, also ...

SearchHealthIT

SearchDisasterRecovery

  • disaster recovery team

    A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

  • business continuity software

    Business continuity software is an application or suite designed to make business continuity planning/business continuity ...

SearchStorage

  • network-attached storage (NAS)

    Network-attached storage (NAS) is dedicated file storage that enables multiple users and heterogeneous client devices to retrieve...

  • SSD (solid-state drive)

    An SSD (solid-state drive) is a type of nonvolatile storage media that stores persistent data on solid-state flash memory.

  • NAND flash memory

    NAND flash memory is a type of nonvolatile storage technology that does not require power to retain data.

Close