Skip to content

A group of ransomware attacks again by running auctions with the stolen data

June 9, 2020

The REvil Ransomware Group has launched another online auction, in which the stolen confidential data is assessed by two US law firms.

The list appeared on June 6 through the official REvil blog on Darknet, where bidders attempt to get 50 GB of Fraser Wheeler Courtney LLP data and 1.2 TB from the Vierra Magen Marcus LLP database.

Fraser Wheeler  Courtney LLP

A group of ransomware attacks again by running auctions with the stolen dataA group of ransomware attacks again by running auctions with the stolen data

The auction data includes information about its customers, in-house documentation, electronic correspondence, patent agreements, plans and commercial projects, as well as new technologies that have not yet been patented.

A law firm related to intellectual property among its victims

The law firm Vierra Magen Marcus LLP specializes in intellectual property rights, according to REvil. The company’s customers include more than 650 technology companies and individuals, including startups from Asus, Toshiba, Seagate, Nissan, LG, Silicon Valley and “larger companies”.

The initial auction price for Fraser Wheeler Courtney LLP is $ 30,000 to pay for Bitcoin (BTC) in less than a week or the group threatens to publish the data, according to the countdown displayed at the time of publication.

Possible motivations for auctions.

Brett Callow, a threat analyst at Emsisoft’s malware lab, told Cointelegraph: REvil, began auctioning data after Grubman Shire Meiselas Sacks’ payment could not be extracted, the law firm that represents Madonna, and adds:

“He suspected that the main goal of auctions is not to generate income, but to increase engagement for future victims. The idea of ​​auctioning off data and selling it to competitors or other criminal companies could worry companies much more than just that in a Tors dark side to be published and therefore offer them an additional incentive to pay the lawsuit. “

Callow warns that ransomware has grown into a multi-billion dollar industry where tactics become more extreme and the amounts required increase. He remarked: “They quickly become super predators.”

The threat analyst said what companies need to do to curb ransomware attacks:

“The only way to reverse this trend is to reduce cash flow. This means that companies will no longer have to pay ransom payments. If this does not happen, the attacks will continue to be more sophisticated and difficult to defend.”

Cointelegraph reported on June 7, a study by Digital Forensics, the Crypsis Group, that the amounts claimed by ransomware attackers had increased as the number increased by 200% between 2018 and 2019.