When an extortion Trojan has successfully struck, criminals demand large sums of money. To make this work reliably, the developers of such malware keep coming up with new methods to build up even more pressure. The makers of REvil are now threatening DDoS attacks and calls to customers and partners whose data is on infected computers.
Merely locking up data has evidently long since ceased to be enough to make victims pay large amounts of money. In the meantime, it has become standard repertoire for attackers to copy data and make it public. This leverage seems to work again and again, and companies sometimes pay horrendous sums of money.
DDoS attacks and phone calls
As reported by a security researcher on Twitter, the REvil developers have now extended their service for premium customers. They run an affiliate program around the malware. Among other things, they provide the malicious code and an infrastructure to distribute the Trojan. If victims pay the ransom, about 30 percent of it goes to the developers. The rest goes to the affiliates.
Premium customers can now add DDoS attacks and extortion calls for free. When a company is confronted with a DDoS attack crippling its servers, or with blackmailers informing the company's customers about leaked data, the willingness to pay could be strong.
REvil is a ransomware tailored for Windows PCs that is currently infecting computers in a crude manner. The backers claim to have made $100 million in one year with their malware. This year they want to extort 2 billion US dollars with their criminal activities.