Russian hackers organized an auction for the KPOT malware

Russian hackers organized an auction to sell the source code of the KPOT malware. It seems that the malware author decided to sell the code and get involved in other projects.

The sale happened after the KPOT malware author decided to auction off the code, wanting to move on to other projects.

The auction happened last month, on a private underground hacking forum for Russian-speaking cyber-criminals.

Russian hackers considered it too pricey

According to the security researcher Pancak3, cited by ZDNet, most of the members of the forum declined to join the auction because of the unreasonably high price.

Thus, a well-known member of the REvil (Sodinokibi) ransomware gang, UNKN, was the only bidder.

So, UNKN bought it for the initial asking price of $6,500. In return, he received the source code of the 2.0 (latest) version of the KPOT malware.

KPOT steals information

Security experts first spotted KPOT in 2018. They consider it a “classic information stealer”, which can extract and steal passwords from different apps on infected computers.

These apps include VPNs, FTP apps, gaming software and web browsers. According to a Proofpoint report, KPOT can also extract credentials from instant messengers or email clients.

Pancak3 believes that the REvil gang wanted KPOT in order to “further develop it”. He also thinks that the hackers might add it to their tools, so that they can use it in their intrusions into corporate networks.

One of the main reasons the REvil gang decided to pay is that it has enough money. In a recent interview on a Russian YouTube channel, UNKN claimed that the REvil gang makes over $100 million from ransom demands each year.

The gang member also mentioned that he would not fear a law enforcement action, but an assassination attempt.

It seems that the Russian hackers would do anything for money. A few months ago, the NSA issued an advisory regarding the activity of the Russian hackers.

This happened after they discovered that a group had been targeting COVID-19 research and vaccine development in three different countries.

Laurentiu Titei

Laurentiu, a creative content writer, has been producing articles about technology for more than 10 years. He is interested in all the security and internet news and his mainstream media background helps make them readable for all kinds of users. Moreover, he grows the appropriate social media channels for websites.
