AskCyberSecurity.com

Cyber Security News & Information

AskCyber Home » News » News » Hackers Set Up First Stolen Data Web Auction Site

Hackers Set Up First Stolen Data Web Auction Site

by

hacker auction

REvil Ransomware Hackers Set to Auction Off Stolen Corporate Data on Dark Web

Hackers from REvil leaked a sample of stolen corporate data online. The ransomware hackers created a dark web auction site to sell stolen corporate information. The records are compromised information taken from Canadian agricultural company Agromart Group. According to cyber security researchers at Krebs on Security the stolen information contains documents and details for Agromart Group’s last three months of operations.

REvil leaked the data on their dark web “Happy Blog” according to cyber security researchers Brian Krebs. The hacker plan on auctioning off the data in their first ever auction site. A screenshot other starting price and time left was posted online on their blog.

Leaking data online is becoming the norm for hacking groups as they try to pressure compromised companies to pay the ransom fee.

The opening bid is set at $50,000 but REvil plans on auctioning off the data to the highest bidder.

READ: Stolen Credit Cards Found for Sale on Dark Web

Cyber security firm Cyble, a US cyber security company, examined some of the stolen data and says the data is legitimate. The compromised information contains three databases and over 22,000 files

• Financial accounts
• Personal net worth documents
• Aging report of documents of their users
• Agromart group’s credit application and agreement form
• and more

The Agromart Group provides crop nutrients, seed, crop protection products, custom application and associated services to agricultural producers across Eastern Canada.

Krebs: A partial screenshot from the REvil ransomware group’s Dark Web blog.

The FBI has advised Ransomware victims not to pay any ransom demands Hackers are getting more creative with their ransom tactics because small governments and corporations have vowed not to pay any ransom to discourage future attacks. Cyber criminals may be resorting to new tactics like this auction style extortion because companies like it’s possible that companies like Agromart Group’s simply don’t have the money to pay the ransom right now.

What is REvil?

REvil is an organized group of hackers also known as Sodinokibi or Sodin.

How Do I Defend Against Ransomware Attacks?

  • Patch all hardware and software as soon as updates become available. Malware attacks often take advantage of known vulnerabilities. Many of which have already been resolved with security updates
  • All devices including personal devices that connect to the network must also be patched and secured
  • Disable macros in Microsoft Office for Word Docs and Excel files
  • Maintain a backup of all systems and important data. If your network does get hacked, you will have a restore point to work with an avoid paying ransom
  • Give users the bare minimum Permissions to do their job. Everyone does not need admin or root access restrict their login credentials to only the necessary levels and permissions to complete their tasks

About Max

Max is a Data Privacy Coordinator at a major global law firm and a science fiction author residing in the Philadelphia area. He has been writing for https://www.askcybersecurity.com since early 2017.