Researchers: Ransomware-as-a-service operations not just lying to victims, but also the criminals’ business partners. Malware Backdoor lets Admins steal 70% of ransom payments that are supposed to go to the affiliates. Experts say competition remains fierce to recruit the most skilled affiliates, since they help operators hit bigger targets and reap larger ransom payoffs. But at least one affiliate appears to have been shortchanged by the new group, leading him to leak the new target’s salary.”]
Source: https://www.cuinfosecurity.com/blogs/revil-ransomware-groups-latest-victim-its-own-affiliates-p-3125