Sodinokibi

May 18, 2020

This Service Helps Malware Authors Fix Flaws in their Code

This post was originally published on this siteAlmost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals. It is not uncommon for crooks who sell malware-as-a-service offerings such as trojan horse programs and botnet […]
June 2, 2020

REvil Ransomware Gang Starts Auctioning Victim Data

This post was originally published on this siteThe criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. The move marks an escalation in tactics aimed at coercing victims to pay up — and publicly shaming those don’t. But it may also signal that ransomware purveyors are searching for new ways to profit from their crimes as victim businesses struggle just to keep the lights on during the unprecedented economic slowdown caused by the COVID-19 pandemic. Over the past 24 hours, the crooks responsible for spreading the ransom malware […]
October 28, 2020

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

This post was originally published on this siteIn March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents — including schematics of client bank vaults and surveillance systems. The Gunnebo Group is a Swedish multinational company that provides physical security to a variety of customers globally, including banks, government agencies, airports, casinos, […]
May 17, 2021

Try This One Weird Trick Russian Hackers Hate

This post was originally published on this siteIn a Twitter discussion last week on ransomware attacks, KrebsOnSecurity noted that virtually all ransomware strains have a built-in failsafe designed to cover the backsides of the malware purveyors: They simply will not install on a Microsoft Windows computer that already has one of many types of virtual keyboards installed — such as Russian or Ukrainian. So many readers had questions in response to the tweet that I thought it was worth a blog post exploring this one weird cyber defense trick. The Commonwealth of Independent States (CIS) more or less matches the […]