back to article Sure looks like someone's pirating the REvil ransomware, tweaking the binary in a hex editor for their own crimes

It appears someone is pirating the infamous REvil ransomware by tweaking its files for their own purposes. In a report today, Secureworks said it has seen a ransomware strain it tracks under the name LV infecting Windows machines with malicious binaries that share a lot of similarities with REvil’s code – the latter of which …

  1. Claptrap314 Silver badge
    Trollface

    But shirley

    By pushing data, REvil is demonstrating that they know that "information wants to be free". They (he?) would have therefore published the code under a permissive license. This is just a fork of some kind...

  2. amanfromMars 1 Silver badge

    Credit where credit is due

    That REvil sure is one much smarter than the average bear cookie ........ to have so many bases so well covered and protected.

  3. Potemkine! Silver badge

    Virus variant

    A ransomware group would have been hacked? But who can you trust these days?

    It's about time to be much more agressive against those scumbags and all the ones facilitating their jobs: lazy registrars, C&C servers hosts who don't care as long as they're paid, and the whole cryptocurrencies ecosystem.

  4. mark l 2 Silver badge

    "REvil is already a known RaaS operator, having previously told the cybercrime underworld that it would start vetting its criminal "partners" to stop them doing anything that would trigger domestic law enforcement attention. "

    This is quite an oxymoron as how exactly do you go about selling ransomware and also ensuring it won't be used for criminal activity? Other than perhaps security researchers who might have it to try and create defences against it, there is no other reason to purchase ransomware other than for using for criminal activity.

    1. Pascal Monett Silver badge

      No no, you misunderstod. REvil is not saying that its software partners should commit no crime.

      What it is saying is that its partners should stay under the radar of local law enforcement. Set yourself up in New York, partner with REvil and infect computers in Mexico, that sort of thing.

  5. amanfromMars 1 Silver badge

    Oh? .... I don't think so

    Other than perhaps security researchers who might have it to try and create defences against it, there is no other reason to purchase ransomware other than for using for criminal activity..... mark l 2

    For use against criminal activity immediately springs to mind, mark l 2. Such wares are a double edged sword/dual/multi-purpose use tool and as such highly prized and respected in many circles/round tables/oval offices.

    And some highly prized and respected circles/round tables/oval offices are certifiably criminal at their core and roots.

  6. Anonymous Coward
    Anonymous Coward

    Gold Southfield is hereby invited...

    to bring a lawsuit against Gold Northfield for copyright infringement, etc. Note that the head honchos of Gold Southfield will be required to be physically present to bring the lawsuit (just a formality, really). Don't worry about all the police officers in and around the courtroom, they're just, ah, security, yes, that's it. Please be sure to bring a list of successful targets of your ransomware, to, uh, demonstrate the usefulness of your product and why it should be protected. We might even decrease the jail sentence, no, wait, I meant give you a bonus to the payout if you can get the head folks of Gold Northfield into the courtroom to show their list of successful targets as a defense.

    <manages to dislodge tongue from cheek>

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021