Nothing says ransomware is a profitable business more than throwing down a million dollars in an attempt to attract and hire the most talented hackers on the planet.
Just when you think you’ve seen everything, something like this shows up. A recent post on a Russian hacker forum from the group behind REvil ransomware sought out candidates who have experience with penetration testing, citing skills using the Metasploit Framework (MSF), Cobalt Strike, and Koadic open-source pen testing tool and windows rootkit.
The 99 bitcoins posted to the forum, valued at over $1 million, is a brilliant tactic that somewhat flaunts the successes the REvil gang have ad, and their ability to gainfully employ candidates.
It’s a pretty dangerous prospect when the bad guys have so much money they can afford to hire the most talented hackers today, rivaling even the largest global enterprises today.
Ransomware has already been on the rise this year and from the looks of the latest post from REvil and the assumed draw such a post can garner, the future of ransomware is going to be much worse for organizations.
Despite the assumed improvements REvil (and gangs like them) will have over the coming months, they still need one of your users to engage with an email, a website – something – to start the process of infecting one of your endpoints. Putting users through Security Awareness Training is an impactful way to minimize the likelihood a user will fall for phishing attacks and social engineering scams.
Ransomware has been evolving into full-blown data breach attacks, and looks to be moving even more in that direction. The time to prepare is now.