From darkreading.com
Making extra money from victims appears to be the goal, Symantec says.
Operators of Sodinokibi — one of the biggest ransomware threats currently targeting enterprise organizations — appear to have hit on a new tactic to try and generate extra money from victims.
Security researchers at Symantec recently spotted a Sodinokibi ransomware campaign where the attackers are scanning the networks of their targets for credit-card or point-of-sale (POS) data. It is unclear whether the attackers are targeting the data for encryption or they view it as another way to make money from their victims.