Sodinokibi ransomware gang switches from Bitcoin to Monero to hide the money trail

 


The operators behind Sodinokibi/REvil ransomware have decided to abandon Bitcoin as an accepted payment method and switch to Monero cryptocurrency instead to make it harder for law enforcement to trace the money.

According to an announcement posted on a hacker and malware forum, victims targeted by the Sodinokibi gang will from now on have to pay the ransom in Monero in exchange for the decryption key.

“This principle has led to allegations that Monero could be used for drug trafficking, the dissemination of child pornography and more. In this regard, Europol in 2017 expressed concern about the growing popularity of Monero. In 2020, Europol made an official statement - Monero is impossible to track.

Due to CryptoNote and the obfuscation added to the protocol, passive mixing is provided: all transactions in the system are anonymous, and all participants in the system can use plausible denial in case of capture.

The combination of an anonymous browser Tor and Monero can quite successfully make a person’s financial activity completely invisible to the police and government agencies. We are extremely worried about the anonymity and security of our adverts, so we began a “forced” transition from the BTC to Monero,” the gang explained.

As Bleeping Computer reports, the Sodinokibi operators use their payment website to push victims away from Bitcoin: the ransom price in Bitcoin is set 10% higher than the price in Monero. The group is also offering "partners" who help victims pay the ransom a discount that will make them "pleasantly surprised".

Meanwhile, security experts say victims should refrain from paying the ransom as there is no guarantee that the hackers will provide a decryption key once the money is paid.

