Sodin

July 15, 2019

Is ‘REvil’ the New GandCrab Ransomware?

This post was originally published on this siteThe cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims. But a growing body of evidence suggests the GandCrab team have instead quietly regrouped behind a more exclusive and advanced ransomware program known variously as “REvil,” “Sodin,” and “Sodinokibi.” “We are getting a well-deserved retirement,” the GandCrab administrator(s) wrote in their farewell message on May 31. “We are a living proof that you can do evil and get off scot-free.” However, it now […]
May 18, 2020

This Service Helps Malware Authors Fix Flaws in their Code

This post was originally published on this siteAlmost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals. It is not uncommon for crooks who sell malware-as-a-service offerings such as trojan horse programs and botnet […]
June 2, 2020

REvil Ransomware Gang Starts Auctioning Victim Data

This post was originally published on this siteThe criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. The move marks an escalation in tactics aimed at coercing victims to pay up — and publicly shaming those don’t. But it may also signal that ransomware purveyors are searching for new ways to profit from their crimes as victim businesses struggle just to keep the lights on during the unprecedented economic slowdown caused by the COVID-19 pandemic. Over the past 24 hours, the crooks responsible for spreading the ransom malware […]