Ransomware gang REvil, known for launching stolen data auctions on the dark web, is now leaking sensitive documents stolen from a US-based robotics company.
According to an official blog post from REvil on June 11, the team has started leaking confidential data belonging to Symbotic LLC. The post noted:
“You do not want to speak with us and you probably think that we will not publish your data. We are already publishing.”
The cybercriminal group stated that they’d created a website and paid for the hosting for a year. They threatened to make the robotics company’s data visible for “a very long time in public.”
Sensitive data leaked
Leaked data includes employee names, addresses, SSNs, salary details, non-competition agreements, and more. The group reportedly asked for both Bitcoin (BTC) and Monero (XMR) to cover the ransom payment.
The cybersecurity research team, Cyble, said the attack may have occurred in the first week of June.
Symbotic LLC was founded in 2007. They currently have a workforce of approximately 1,000 employees. They develop software and robotics solutions for supply chain manufacturers, distributors, and retailers.
Ransomware growing into “serious problem”
Speaking with Cointelegraph, Brett Callow, threat analyst at malware lab Emsisoft, commented:
“Ransomware attacks continue to be a serious problem, and that’s because companies continue to pay ransoms. The only way to stop attacks is to make them unprofitable and that means companies must improve their security so as not to be in the position of needing to pay ransoms. Too often, attacks succeed only because of subpar security, and that needs to change.”
Callow has said that it sounds like the ransomware gang may not be planning to auction the robotics company’s data. However, that shouldn’t be taken as a 100% confirmed fact. He says that REvil could act unpredictably at any time.
Cointelegraph recently reported that REvil had listed sensitive data from two US-based law firms.