The REvil Ransomware (Sodinokibi) operators have deposited $1 million in bitcoins on a Russian-speaking hacker forum to prove to potential affiliates that they mean business.
Some hacker forum allows members to deposit funds that can be used to buy any kind of illicit services or product offered by other members.
Affiliates are essential to spread malicious code through hacking operations against businesses.
Usually, an affiliate gets 70-80% of the ransom payments they generate.
The REvil RaaS is a private operation, which means that potential affiliates are vetted and interviewed before they are allowed to join the program.
The selection of affiliates is a crucial process in the success of the cybercrime scheme, for this reason, REvil operators personally select each people they want to include in their program.
Now REvil ransomware operators have published a post on a cybercrime forum to recruiting new affiliates, preferably hackers with penetration testing capabilities.
As part of this recruitment process, REvil is looking for teams of skilled hackers at penetration testing or experienced individuals.
To attract the attention of the potential hackers to recruit as affiliates, the gang has deposited approximately $1 million (99 Bitcoins), on the hacker forum. Below an excerpt from the post published by REVil ransomware operators and shared by BleepingComputer:
The deposit demonstrates that the ransomware operators have a profitable business and trust the hacker forum and don’t fear an exit scam of its administrators
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, REvil ransomware)
[adrotate banner=”5″]
[adrotate banner=”13″]
As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement…
Healthcare service provider Kaiser Permanente disclosed a security breach that may impact 13.4 million individuals…
Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability. Over…
A ransomware attack on a Swedish logistics company Skanlog severely impacted the country's liquor supply. …
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.…
This website uses cookies.