News hardware & software 04 October 2021, 14:56

Hackers Steal From Hackers - Ransomware Contains Backdoors for Seizing Money

Cybercriminals seem to see no obstacle to stealing from their own kind. Hackers who buy ransomware complain about the backdoors installed in it.

IN A NUTSHELL:
  • It's a hacker-eat-hacker world - ransomware creators serve their "partners" with hidden backdoors.

Life in the cybercriminal underworld is not a bed of roses. A group of hackers who use ransomware acquired from other hackers is complaining about backdoors in it. REvil is one of the more popular ransomware programs. Its "users" report backdoors that its creators can use to take control of ransom negotiations and funds.

Experts from Flashpoint have spotted such information on cybercrime forums. The REvil group provides its software to "partners" on a spoil-sharing basis. Attack initiators generally receive 70% of the ransom, and the ransomware authors receive the rest. All payments are made in cryptocurrencies (such as bitcoin or Ethereum). The backdoor discovered by the "partners" enables REvil to intercept chat communications with an attacked entity and, for example, impersonate the interlocutor.

This way, instead of sharing the ransom, the creators at REvil can take it over entirely. On a Russian-speaking forum, cybercriminals complain that such actions undermine their trust in ransomware developers (yes, I know how ironic that sounds), but they admit that REvil is too well known for the discovery of backdoors to hurt it much. Well, from the point of view of the average user, we can only be glad that something is falling apart in the world of "network thieves".

Ransomware attacks are one of the most troublesome threats currently encountered on the Internet. Both big companies and ordinary computer users fall prey to them. There is no 100% effective protection, but it is worth installing security updates and frequently backing up important files. When we are attacked and our files are encrypted, most experts do not recommend paying the ransom, because it does not guarantee the recovery of files and certainly contributes to the growth of this practice.

Arkadiusz Strzala

His adventure in writing began with his own blog and contributing to one of the early forums (in the olden days of Wireless Application Protocol). An electrical engineer by profession, he has a passion for technology, constructing and, of course, playing computer games. He has been a newsman and writer for Gamepressure since April 2020. He specializes in energy and space tech. However, he does not shy away from more relaxed matters every now and then. He loves watching science-fiction movies and car channels on YouTube. He mainly plays on the PC, although he has modest console experience too. He prefers real-time strategies, FPS and all sorts of simulators.
