The hackers behind the Sodinokibi/REvil ransomware have reportedly switched their demands for payment from Bitcoin or Ethereum to Monero cryptocurrency to try to prevent law enforcement from tracking payments.
The hackers reportedly advertised the switch in a posting to an online hacker and malware forum, and admitted that the switch from Bitcoin to Monero is meant to make it harder for law enforcement to track them. The hackers stated, “We inform you that after a while the BTC will be removed as a payment method. Victims need to begin to understand the new cryptocurrency, as well as other interested parties who work with us.”
On its Sodinokibi Tor payment site, it is reported that the hackers have alerted the world that they have moved away from Bitcoin to Monero, and if a victim wants to use Bitcoin, there is a 10% increase in the ransom.
Sodinokibi hackers have followed in the footsteps of the Maze ransomware operators and are reportedly publishing stolen data from victimized companies if the ransom is not paid. Last month, the Sodinokibi hackers published over 12 GB of data from a company that did not pay the ransom, allowing other criminals to use the data and sell it on hacker forums.