The operators of the REvil ransomware have launched a new auction site used to sell victim’s stolen data to the highest bidder. REvil, otherwise known as Sodinokibi, is a ransomware operation that breaches corporate networks using exposed remote desktop services, spam, exploits, and hacked Managed Service Providers. Once established on a network, they quietly spread laterally through the company while stealing unencrypted data from workstations and exposed servers.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.