Welcome to the

AdGuardian Plus Blog

News

Russian hackers organized an auction for the KPOT malware

Russian hackers announcement

Russian hackers organized an auction to sell the source code of the KPOT malware. It seems that he malware author decided to sell the code and involve in other projects.

The sale happened after the KPOT malware author decided to auction off the code, desiring to move off to other projects.

The action happened last month, on a private underground hacking forum, for the Russian speaking-hackers cyber-criminals.

Russian hackers considered it too pricey

According to the Pancak3  security researcher, cited by ZDNet, most of the members on the forum declined to join the auction, due to the unreasonable high price.

Thus, a well-known member of the REvil (Sodinokibi) ransomware gang, UNKN, was the only bidder.

So, UNKN bought it for the initial asking price, of $6,500. In return, he received the source code of the 2.0 (latest) version of the of KPOT malware.

According to the Pancak3 security researcher, cited by ZDNet, most of the members on the forum declined to join the auction, due to the unreasonable high price.

Thus, a well-known member of the REvil (Sodinokibi) ransomware gang, UNKN, was the only bidder.

So, UNKN bought it for the initial asking price, of $6,500. In return, he received the source code of the 2.0 (latest) version of the of KPOT malware.

KPOT steals information

Security experts spotted KPOT in 2018, for the first time. They consider it a “classic information stealer”, which can extract and steal passwords. They steal from different apps on infected computers.

So, they can do this from VPNs, FTP apps, gaming software or web browsers. According to a Proofpoint report, KPOT can also extract credentials from instant messengers or email clients.

Pancak3 believes that the REvil gang wanted KPOT in order to “further develop it”. Also, he thinks that hackers might add it to their tools, so that they can use it in their intrusions in the corporate networks.

One of the main reasons for which the REvil gang decided to pay the money is that they have enough. In a recent interview on a Russian YouTube channel, UNKN claimed that the REvil gang makes over $100 million from ransom demands, each year.

Also, the member of the gang mentioned that he would not fear a law enforcement action, but an assassination attempt.

It seems the the Russian hackers would do anything for money. A few months ago, the NSA issued an advisory regarding the activity of the Russian hackers.

This happened after they discovered a group have been targeting COVID-19 research and vaccine development in three different countries.

Laurentiu Titei
About author

Laurentiu, a creative content writer, has been producing articles about technology for more than 10 years. He is interested in all the security and internet news and his mainstream media background helps make them readable for all kinds of users. Moreover, he grows the appropriate social media channels for websites.
Related posts
News

Digital Advertising practices, under the pressure of fines

News

Advertising discrimination, addressed by huge companies

News

Ad fraud might hit $100B, advertising companies worry

News

The ad-based business model: Would Facebook change it?

Leave a Reply

Your email address will not be published. Required fields are marked *