A notorious Russian threat group famed for its devastating ransomware attacks has funded a hacking competition being run on a dark web forum.
Sodinokibi—the creators of the REvil ransomware—stumped up $15,000 in prize money for the illegal hacking contest, which requires competitors to write original articles containing proof-of-concept videos or original code.
Articles can be submitted on five different topics, including APT attacks, developing exploits for searching for 0day and 1day vulnerabilities, and how to hack other people’s crypto algorithms.
Along with the prize money, Sodinokibi offered the competition’s overall winner an opportunity to “work with” the threat actors under “mutually beneficial conditions.”
The competition was announced via the XSS forum, which counts several Sodinokibi representatives among its members.
News of the competition and its nefarious sponsors was published today in a report by researchers at Digital Shadows. While black hat hacking competitions on dark web forums like Exploit and XSS are nothing new, the researchers noted a significant increase in the number of high-stakes prizes on offer recently.
“Since its relaunch as XSS [in 2018], the former Damagelabs has organized three articles competitions, all with four- or five-figure prize funds,” the researchers noted.
By contrast, a 2010 competition that challenged participants to design a graphic that best represented the Russian-language segment of the internet (the “Runet”) had as its prize a single iPad.
Digital Shadows’ research indicates that groups like Sodinokibi have taken an interest in these competitions to foster technical skills among forum members, increase awareness of the availability of ransomware on the forum in a savvy sales move, and gain valuable intelligence for future malware development.
For the forums, such high-prize competitions are a way to grow or sustain their membership.
Article sourced from Infosecurity Magazine.