In a process that can only be described as karma, cybercriminals were caught and complained that the ransomware they created and leased to others was used against them! These malware creators are actually the target of other cybercriminals, and they are now stealing ransom from them! Surprisingly, the people allegedly deceived by the ransomware group actually rented out the malware to these cybercriminals.
According to a ZDNet report, cybercriminals who have been using REvil ransomware to negatively affect major companies in the past few months have collected more than the agreed reduction in exchange for a license to use the ransomware tool. The REvil ransomware is behind some of the most notorious attacks against companies such as Acer, Quanta (Apple manufacturing partners), and Kaseya. Like the Conti ransomware variant, it is widely regarded as the most evil ransomware in the world One of the software tools. According to Tech Monitor, malware accounted for 13.1% of incidents in 2021.
These ransomware-as-a-service groups provide non-technical users with a way to choose and target victims in exchange for a reduction in the amount of ransom. According to the report, these complaints were discovered by the risk intelligence company Flashpoint on Russian underground forums, including users who said that the “partner program” was bad and the ransomware collective could not be “trusted”.
Another user claimed that negotiations to pay a ransom of $7 million (the victim tried to reduce the amount of the ransom) were affected by a “backdoor” that reportedly led to the conclusion of the negotiation. According to the report, on September 20, a backdoor allowed malware creators to bypass access by “customer” criminals who were able to decrypt ransomware files—effectively allowing creators to steal ransom money and remove “customer” criminals from Excluded from ransom transactions.
Whether these allegations will affect the popularity of REvil ransomware remains to be seen. Compared to any other ransomware tools in use today, it is currently one of the most popular ransomware as a service.
News Source : HT Tech