REvil Group is Hiring Hackers!
One may generally imagine the whole ransomware operation is done by an individual or a bunch of the same kinds. But, there’s a variant called Ransomware-as-a-service (RaaS), which divides the whole operation between two parties. Under the RaaS model, malicious developer craft the ransomware malware and hire hackers or insiders to distribute it. The hackers, on the other hand, look out for bugs in target machines to exploit and deploy the procured ransomware to steal data and encrypt systems. And the aftermath of this incident – leaving a ransom note to inform them about the hackers and demanding a ransom for a decryptor is known to all. Thus, dividing the work like crafting a malware and the payment site by ransomware group earns them 20-30% commission of all the ransom revenues generated by affiliated hackers. In this model, the REvil (Sodinokibi) group is found to be hiring new affiliates from a Russian-speaking hacker forum. This was tipped by Damian to BleepingComputer, who found the REvil group has updated their requirements in a recruitment post. They called out To make their post more serious, they have deposited 99 Bitcoins (equivalent to $1 million) to their wallet, hosted by the forum site. This shows how well the REvil group is earning and how reckless they are to spend. This could be a risk to members since the current chances of the site owner who hosts the wallets may steal the cryptocurrencies.