Fraudulent Twitter emergency disclosure used to target cyber researcher

CyberScoop reports that Twitter may have inadvertently shared users' personal information as a response to a phony emergency request by a threat actor dubbed "Lalartu" or "Sheriff" to target security researchers and bloggers. Lalartu and Sheriff have been associated with Aleksandr Sikerin, a Russian citizen indicted by federal prosecutors for being a REvil ransomware affiliate. Security researchers and bloggers have been threatened as they have made their work more difficult, according to the actor claiming to be Sikerin. Recorded Future Intelligence Analyst Allan Liska noted the rising concern within the security community amid the emergence of Lalartu. Growing ransomware expertise among private cybersecurity threat intelligence firms and security researchers has prompted ransomware operators to launch more aggressive retaliatory efforts, according to Liska. The incident, in particular, should prompt Twitter to bolster its data sharing policies. "Thats the medium that so many security researchers use, thats the medium we use to share information, thats the medium that we use to communicate with each other, more so than any other. Unfortunately Twitter does have a level of responsibility here that they need to figure out," Liska added.