Security News > 2020 > June > REvil Ransomware Gang Adds Auction Feature for Stolen Data

The REvil ransomware gang has added an auction feature to its underground website that allows anonymous bidding on information stolen in its targeted ransomware campaigns.

As for why the latter's data is so valuable, "Data stolen from the intellectual property law firm reportedly includes information related to new technologies and unfiled patents that, given the high-profile client list, likely explains the high starting and blitz prices," the firm noted in a report Monday, adding that the data would possibly be of interest to competitors or even a nation-state seeking to gain economic advantages.

It works with Lady Gaga, Drake and Madonna, among others, and the REvil gang claims to have stolen 756 gigabytes of data in the attack - including non-disclosure agreements, client contracts and personal correspondence.

"Whilst the creation of their own auction facility allows REvil to directly monetize their stolen data, without the need to pay commission to third-party forums or marketplaces, it remains to be seen what will happen to any stolen data if the auctions fail to attract any bidders," Cyberint concluded.

"Aside from reducing the auction starting price, it is possible that REvil make seek to offload seemingly valuable data via other sources if these auctions prove unsuccessful."

News URL

https://threatpost.com/revil-ransomware-gang-auction-stolen-data/157006/