REvil partners confirmed the fact of fraud by the group

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

One of the participants in the Russian-language hacker forum Exploit renewed claims against REvil from May of this year.

The partners of the operators of the ransomware REvil on a Russian-language hacker forum demanded that the group pay for the stolen ransom share. Media outlets previously wrote , information security specialists from Advanced Intelligence discovered a backdoor that allegedly allowed operators of the REvil ransomware software to intercept the chats of their partners and victims and receive the entire amount of the ransom paid.

When a ransomware partner breaks into the network and tries to provide persistence on the system, REvil operators transmit the payload to the partner to infect the network and encrypt the data. If the victim pays the ransom, the partner group gets 70% of that amount for doing all the work of compromising the network, stealing data, and encrypting it. REvil members receive the remaining 30% in exchange for providing ransomware that partners use to take control of victims’ data and systems.

But when negotiations

Read the article