The REvil hacker group has made a name for itself in selling ransomware. So when cybercriminal clients realize that the group is trying to defraud them, complaints quickly multiply on the Dark Web.
Cybercrime is a lawless environment, and obviously some hackers have just realized. You may be familiar with the REvil hacker group. Specialized in the creation and rental / sale of ransomware, this entity has been involved in numerous attacks. For example, they demanded $ 50 million from Apple on pain of disseminating the plans for the Mac M1. They are also responsible for the biggest cyberattack in history against Kaseya, which they had asked the astronomical sum of 70 million dollars.
As said above, the REvil group does not stop at organizing large-scale cyber attacks, they also offer its ransomware to the highest bidders, in return for a commission on the possible earnings of its cybercriminal clients. Only, it turns out that REvil operators are rather greedy and are not limited to waiting wisely for their piece of the pie.
Also Read: Fake Windows Update Targets Kaseya Ransomware Victims
When hackers scam other hackers
As revealed by computer security researcher Yelisey Boguslavskiy, the hackers of the REvil group have installed a back door in their products, which allows you to restore encrypted files without the intervention of the affiliate customer. In other words, nothing prevents REvil from taking over the ongoing negotiations, to complete them and leave with the ransom without the knowledge of the hacker who paid to profit from the ransomware.
Unsurprisingly, complaints have multiplied on the Dark Web and on underground forums as soon as the news broke. A REvil customer says that his own $ 7 million extortion plan suddenly collapsed, without knowing the reason. He claims that one of the REvil operators took over via the backdoor and then grabbed the ransom.
Another user complains “crappy partnership programs with untrustworthy ransomware groups ”. A direct reference to REvil. As you might expect, REvil is not the type to offer customer service. For aggrieved hackers, there is nothing they can do, except stop using the hacker group’s products.
Source: ZDnet