Security News > 2020 > March > Stolen data of company that refused REvil ransom payment now on sale

Stolen data of company that refused REvil ransom payment now on sale
2020-03-23 12:29

Operators of the Sodinokibi Ransomware as a Service recently published over 12GB of data that allegedly belongs to one of its victims - Brooks International - that refused to pay ransom.

Sodinokibi - a GandCrab derivative blamed for numerous attacks that took place last year - is a prime example of RaaS. BleepingComputer shared a screengrab of one such hacker forum post that showed a member advertising a link to the stolen data for 8 credits: that's worth about €2.

The data dump, if it proves legitimate, will prove highly valuable to cybercrooks, as it contains usernames and passwords, credit card statements, alleged tax information, and far more, according to BleepingComputer.

BleepingComputer tried to get in touch with Brooks to give the firm a heads-up about their data being sold.

REvil isn't the only ransomware that pried open unpatched systems - Pulse Secure VPNs, to be precise - to break into company networks.


News URL

https://nakedsecurity.sophos.com/2020/03/23/stolen-data-of-company-that-refused-revil-ransom-payment-now-on-sale/