The REvil ransomware gang is auctioning off delicate info, stolen from debit card companies supplier, Interacard.In keeping with REvil’s web site,
The REvil ransomware gang is auctioning off delicate info, stolen from debit card companies supplier, Interacard.
In keeping with REvil’s web site, the data is on the market in an public sale itemizing revealed by the group. All potential bidders are required to pay utilizing Monero (XMR).
REvil has beforehand solely auctioned information in circumstances the place their name-and-shame techniques fail to extract fee from a focused firm. That doesn’t seem like the case this time, nonetheless.
Speculation behind going on to the public sale stage
Talking with Cointelegraph, Brett Callow, risk analyst at malware lab Emsisoft offered some potential causes behind REvil’s techniques:
“On this case, REvil seems to have bypassed their traditional name-and-shame technique and gone on to the public sale stage. The group could have performed this within the perception that the info is value greater than the corporate can be prepared to pay, or the info may have been obtained in an assault that occurred prior them launching their leak web site in February of this yr. If the group is now auctioning information from older incidents, that may clearly be unhealthy information for any corporations which have been attacked by REvil previous to February. Their information may quickly be put up for public sale.”
If it’s true that the ransomware gang is merely auctioning information from previous assaults, Callow believes that corporations attacked between April 2019 (when the ransomware was first recognized) and February 2020 (when the group launched their web site) at the moment are susceptible to having their information publicly leaked.
Particulars of the delicate info leaked
The public sale lists databases, paperwork from HR and accounting, technical documentation, buyer info, and Level of Sale, or POS, firmware sources and builds.
In keeping with the itemizing, the public sale begins at $100,000, and has lower than 4 days remaining as of press time. It’s not clear whether or not REvil will leak as soon as the countdown finishes.
REvil not too long ago launched one other sequence of assaults in opposition to three corporations within the U.S. and Canada. The businesses are well-known Canadian accounting agency, Goodman Mintz LLP, licensed actual property dealer Strategic Websites LLC, and ZEGG Accommodations & Retailer, a duty-free retailer.