The Netwalker ransomware operation is recruiting potential affiliates with the possibility of million-dollar payouts and an auto-publishing data leak blog to help drive successful ransom payments.
Started as Mailto and responsible for high profile attacks, the ransomware operators rebranded as Netwalker in March 2020 when it began to recruit potential affiliates to distribute their ransomware.
These affiliates would be in charge of breaching networks and deploying the ransomware, and in return, would receive the lion's share of any ransom payments they bring in.
Promises of riches
In a series of posts to a Russian hacker forum shared with BleepingComputer by cyber intelligence firm Advanced Intelligence, the public-facing operator of the Netwalker ransomware has been interview affiliates for their program since March.
In a new post created over the weekend, Netwalker outlines all the improvements made to their operation, which include some very revealing data about ransom payments and new ways that they are extorting their victims.
Recruitment post
Attached to the post are four images showing some of the large ransom payments they have received from victims who paid.
These ransom payments range from $696,000 up to $1.5 million.
As affiliates typically earn 70% of a ransom, if not more, they would receive between $487,000 to over a $1 million from a single ransom payment.
Netwalker ransom payments
Auto-publishing data leak site adds further leverage
In addition to the million-dollar payouts, Netwalker is promoting an auto-publishing data leak site that allows an affiliate to upload links to stolen data ..
Support the originator by clicking the read the rest link below.
