REvil ransomware group dangles $1m carrot

The notorious REvil ransomware group is dangling a $1m carrot on a hacker forum in an attempt to recruit new partners in crime. The group is looking to hire those with penetration testing and other hacking skills.

The majority of ransomware groups operate a ransomware-as-a-service (RaaS) model. The groups author and provide the necessary malware, while the affiliates handle the actual hacking and encryption of data. Once the data is encrypted, the attackers demand a ransom in exchange for its release.

In general, the ransomware groups receive a cut of around 20% to 30% of the earnings, and the affiliates pocket the rest. REvil’s $1m offer highlights the vast sums of money which RaaS groups earn.

Ilia Kolochenko, founder and CEO of Web security company ImmuniWeb, says the modern cyber crime industry is exceptionally well organised compared to the cyber security industry.

“While most cyber security startups have access to venture funding while losing money, cyber criminals need to be profitable from day one so they have no time for mistakes. They work hard around the clock, meticulously planning every single step of their cyber campaigns, aptly overpassing security teams who are already extremely busy with COVID-19 havoc and growing understaffing challenges in large organisations.”

Ransomware extortion tactics, which are now successfully expanding into the cloud and IoT, are a virtually risk-free and highly reliable way to make victims pay, he adds.

“Crypto-currencies preclude most of the investigations and provide a fairly easy way to cash out the loot. Working from home and incomplete visibility of external attack surface bring a wide spectrum of amazing opportunities for attackers. They need no zero-day or expensive APT tactics, they just pick up an easy target from myriad low-hanging fruit.”

Reportedly, a growing number of security researchers get deeply disappointed with commercial bug bounty programmes, while global unemployment is bolstered by the spiralling pandemic, he explains.

Kolochenko says we should expect more talented young professionals to join cyber gangs before the end of the year. “Ransomware is likewise poised to surge, becoming a predominant concern for security professionals.”
