REvil ransomware

June 2, 2020

REvil Ransomware Gang Starts Auctioning Victim Data

This post was originally published on this siteThe criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. The move marks an escalation in tactics aimed at coercing victims to pay up — and publicly shaming those don’t. But it may also signal that ransomware purveyors are searching for new ways to profit from their crimes as victim businesses struggle just to keep the lights on during the unprecedented economic slowdown caused by the COVID-19 pandemic. Over the past 24 hours, the crooks responsible for spreading the ransom malware […]
August 5, 2021

Ransomware Gangs and the Name Game Distraction

This post was originally published on this siteIt’s nice when ransomware gangs have their bitcoin stolen, malware servers shut down, or are otherwise forced to disband. We hang on to these occasional victories because history tells us that most ransomware moneymaking collectives don’t go away so much as reinvent themselves under a new name, with new rules, targets and weaponry. Indeed, some of the most destructive and costly ransomware groups are now in their third incarnation. A rough timeline of major ransomware operations and their reputed links over time. Reinvention is a basic survival skill in the cybercrime business. Among […]
March 1, 2022

Conti Ransomware Group Diaries, Part I: Evasion

This post was originally published on this siteA Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. The chat logs offer a fascinating glimpse into the challenges of running a sprawling criminal enterprise with more than 100 salaried employees. The records also provide insight into how Conti has dealt with its own internal breaches and attacks from private security firms and foreign governments. Conti’s threatening message this […]