The ransomware group, REvil, is auctioning confidential information, stolen from the debit card service provider, Interacard.
According to REvil’s website, the information is available on an auction list published by the group. All potential interested bidders must pay with Monero (XMR).
Ethereum update indicates that version 2.0 is on its way
Previously, REvil had only auctioned data in cases where its naming and shaming tactics failed to extract payment from the victim company. However, this does not appear to be the case here.
A bug in the Bancor compromised the Ethereum’s DeFi system
Assumptions behind to perform directly the auction
Speaking with Cointelegraph, Brett Callow, a threat analyst at the malware lab, Emsisoft, provided some possible reasons behind REvil’s tactics:
„In this case, REvil seems to have overlooked their usual naming and shaming strategy and gone straight to the auction. The group may have done this in the belief that the data is worth far more than the company would be willing to pay, or that the data could have been obtained in an attack that occurred before they launched their leak site in February of this year. If the group is now auctioning data from older attacks, this would obviously be bad news for any company that was attacked by REvil before February, because their data could soon be auctioned off“.
If it is true that the ransomware group is simply auctioning data from Bitcoin Revolution older attacks, Callow believes that companies attacked between April 2019 (when ransomware was first identified) and February 2020 (when the group launched its website) are now at risk that their data could be leaked to the public.
Ampleforth launches liquidity program to target Uniswap 2.0
Details of leaked confidential information
The auction consists of databases, human resources and accounting documents, technical documentation, customer and POS information, sources and firmware compilations.
Based on everything you own, the auction will begin at $100,000 with less than four days remaining at the time of this publication. It is unclear whether REvil will filter the information once the countdown ends.
REvil recently conducted another series of attacks against three companies in the United States and Canada. The companies are the well-known Canadian accounting firm, Goodman Mintz LLP, the licensed real estate broker, Strategic Sites LLC, and ZEGG Hotels & Store, a duty-free shop.