Ransomware group opens dark web auction house to sell stolen data

By Davey Winder for SC Media
Thursday, June 4, 2020

• 4.2k
• More

When the demanded ransom of US$ 21 million (£16.75 million) wasn't forthcoming, REvil raised the stakes and the ransom: unless US$ 42 million (£33.5 million) was paid, then "a ton of dirty laundry" in the form of documents relating to President Trump would be published. This turned out to be something of a hollow threat as it happens, after declaring the threat actors cyber terrorists and denying payment once more, REvil published169 emails supposedly relating to Trump which turned out to be more damp squib than smoking gun.

REvil very quickly then claimed these were the least damaging documents, and that the remainder had been sold to an interested party. This "relatively new but rapidly growing scenario of the exaggeration of nature or value of data stolen and encrypted by ransomware," Ilia Kolochenko, CEO at ImmuniWeb, said, plays on the fact that many enterprises have limited visibility of their attack surface. "Once a machine is hacked and encrypted, victims may well believe that attackers will find a backup of their database, critical source code or other important trade secrets," he concluded. Read Full Article