REvil (Sodinokibi) ransomware gang have launched an auction site to sell data stolen from the companies they hacked.
This auction portal is the latest trick used by the REvil, while taking the extortion tactic to a new level.
The REvil gang is one of the most active and aggressive ransomware operators and they once again proved their role as a trend-setter in the ransomware community.
The gang usually targets corporates and never focuses on home consumers.
They use exploits in network appliances to breach enterprise networks and then encrypt the victim’s files and ask for huge extortion fees.
The REvil gang also run a “leak site” on the dark web which is used to publish teasers of stolen files, and later the stolen data in whole if the victims do not make the ransom payments.
The ransomware gang posted a blog on their leak site about the launch of a new “auction” feature to allow them to monetize the stolen files instead of releasing them for free, which was what they did usually.
The first auction is made up of files stolen from a Canadian agricultural company which was hacked and encrypted last month, but had decided not to pay the ransom demand.
The auction price for the company’s files starts from $50,000, payable in the Monero cryptocurrency.
The idea of starting an auction feature came to their minds during their ongoing extortion of a New York law firm that represents celebrities. They even threatened to hold an auction for Madonna’s private legal documents.
Even though the Canadian company is the first REvil victim to have its files put up for auction, the gang have suggested that Madonna’s files will also be soon published besides other stolen files.