Labor justice The old adage “there is honor among thieves” doesn't seem to be confined to cybercriminals. Groups using ransomware as a service are complaining of being robbed by scammers who rent malware from them.
ZDNet writes that the group behind the infamous REvil ransomware - the same group used in attacks on Kaseya, Acer and partner Apple Quanta - is renting the malware to other criminals in exchange for a second cut. I give you. Victims' ransom.
Surprisingly, this group of thieves does not appear to be reliable. On September 20, a representative discovered a hidden threat lurking in REvil ransomware that allows developers to recover encrypted files without the involvement of affiliates. Negotiate with the victims and pay the ransom.
Flashpoint Danger Information writes that the discovery was protested in Russian in secret forums, and one user claims that a backdoor led to negotiations to suddenly pay $7 million in ransomware. Another "bad partner program" used by ransomware groups complained that "you can't trust it". Relatives who find themselves in this situation have little way to go. Someone says that trying to confront this group was tantamount to "judging" Stalin. According to Tech Monitor, REvil is the most popular ransomware program alongside Conti, found in 13.1% of incidents this year.
Image Credit: Africa Studio, Andrey_Popov
Ransomware groups get angry at other criminals for stealing ransom