A group of Ransomware attacks again by conducting auctions with the stolen data

Bitcoin / Von

The ransomware group REvil has started another auction on the dark web, valuing confidential data stolen from two U.S.-based law firms.

The list appeared on June 6, via the official REvil blog on the darknet, where bidders are looking to acquire 50GB of Fraser Wheeler & Courtney LLP data and 1.2TB stolen from the Vierra Magen Marcus LLP database.

Chainalysis is now able to track your Zcash and Dash ‚privacy coins

Fraser Wheeler & Courtney LLP

Auction data includes customer information, internal company documentation, electronic correspondence, patent agreements, business plans and projects, as well as new technologies not yet patented.

An IP-related law firm among its victims
The law firm, Vierra Magen Marcus LLP, specializes in intellectual property rights. According to REvil, the company’s clients include more than 650 technology companies and individuals, including Asus, Toshiba, Seagate, Nissan, LG, Silicon Valley startups and „larger companies.

Fraser Wheeler & Courtney LLP’s starting bid price is $30,000 to be paid by Bitcoin (BTC) in less than a week or the group threatens to publish the data, according to the countdown shown at the time of publication.

Report: Ransom costs for stolen data increased 200% from 2018 to 2019

Possible motivations behind the auctions.
Speaking to Cointelegraph, Brett Callow, a threat analyst at the Emsisoft malware lab, said that REvil, began auctioning data after failing to extract payment from Grubman Shire Meiselas & Sacks, the law firm representing Madonna, adding the following:

„He suspected that the main purpose of the auctions is not to generate revenue, but to increase the bet for future victims. The idea that data will be auctioned and sold to competitors or other criminal companies may worry companies much more than simply posting on an obscure Tor site and therefore provide them with an additional incentive to pay the lawsuit.

Callow warns that ransomware has transformed into a multi-billion dollar industry where tactics are becoming more extreme and demand amounts are increasing, he said: „They are rapidly becoming super predators.

The threat analyst said about what companies must do to contain ransomware attacks:

„The only way to reverse this trend is to cut off cash flow, and that means that companies must stop paying ransoms, if this doesn’t happen, the attacks will continue and become increasingly sophisticated and difficult to defend.

Cointelegraph reported on June 7 on a study by digital forensics, Crypsis Group, which revealed an increase in the amounts demanded by ransomware attackers, as the amounts grew by 200% from 2018 to 2019.