The REvil (Sodinokibi) ransomware group has deposited $1M in Bitcoin on a Russian hacker forum as part of an effort to recruit hackers. The group operates a ransomware-as-a-service ring based on recruiting affiliates to distribute the ransomware. The money is available to hackers who can provide skills that REvil is looking for.
- Earlier this month, the REvil group shut down all branches of Chilean back BancoEstado as a result of a ransomware attack.
- REvil is one of a growing number of ransomware groups that steal data before encrypting systems, holding both for ransom.
- In June, REvil launched an auction site to sell stolen data.