Security News > 2020 > June > REvil Ransomware Gang Starts Auctioning Victim Data

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software.

Prior to this auction, REvil - like many other ransomware gangs - has sought to pressure victim companies into paying up mainly by publishing a handful of sensitive files stolen from their extortion targets, and threatening to release more data unless and until the ransom demand is met.

Lawrence Abrams, editor of the computer help and news Web site BleepingComputer, said while some ransomware groups have a history of selling victim data on cybercrime forums, this latest move by REvil may be just another tactic used by criminals to force victims to negotiate a ransom payment.

"Others have gotten the message about the need for good backups, and probably don't need to pay. But maybe if the victim is seeing their data being actively bid on, they may be more inclined to pay the ransom."

Abrams said other ransomware groups have settled on different methods to increase victim payouts, noting that one prominent gang is now doubly extorting targets - demanding one payment amount in return for a digital key that can unlock files scrambled by the malware, and another payment in exchange for a promise to permanently delete data stolen from the victim.

News URL

https://krebsonsecurity.com/2020/06/revil-ransomware-gang-starts-auctioning-victim-data/