rEvil – Page 2 – Computer Security Articles

“We absolutely do not care about you”: Sugar ransomware targets individuals

Credit to Author: Jovi Umawing| Date: Tue, 08 Feb 2022 14:04:51 +0000

They call it Sugar ransomware, but it’s not sweet in any way.

Categories: Ransomware

Tags: Cl0p Cl0P ransomware Encoded01 Encoded01 ransomware Marcelo Rivero Peter Antonov ransomware revil REvil ransomware SCOP encryption algorithm Simeon Maltchev stream cipher Sugar ransomware

Independent Krebs

Who Wrote the ALPHV/BlackCat Ransomware Strain?

February 2, 2022 admin @cookiedays, A Little Sunshine, alphv ransomware, binrs, blackcat ransomware, blackmatter, Breadcrumbs, Catalin Cimpanu, darkside, duckerman, duckermanit, Flashpoint, jason hill, Ne'er-Do-Well News, paul roberts, ramp, Recorded Future, reversinglabs, rEvil, sergey duck, sergey kryakov, sergey penchikov, smiseo, the record, tox, varonis, ybcat

Credit to Author: BrianKrebs| Date: Fri, 28 Jan 2022 13:18:36 +0000

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “BlackCat”), considered to be the first professional cybercrime group to create and use a ransomware strain in the Rust programming language. In this post, we’ll explore some of the clues left behind by the developer who was reputedly hired to code the ransomware variant.

Independent Krebs

At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates

February 2, 2022 admin andrey sergeevich bessonov, colonial pipeline, darkside, dmitri alperovitch, FSB, gandcrab, immersive labs, kevin breen, Ne'er-Do-Well News, NotPetya, president biden, ransomware, rEvil, roman gennadyevich muromsky, The Coming Storm, Vladimir Putin

Credit to Author: BrianKrebs| Date: Fri, 14 Jan 2022 22:41:34 +0000

The Russian government said today it arrested 14 people accused of working for “REvil,” a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations. The Russian Federal Security Service (FSB) said the actions were taken in response to a request from U.S. officials, but many experts believe the crackdown is part of an effort to reduce tensions over Russian President Vladimir Putin’s decision to station 100,000 troops along the nation’s border with Ukraine.

Independent Krebs

Ransomware at IT Services Provider Synoptek

December 27, 2019 admin ransomware, rEvil, Sodinokibi, synoptek

Credit to Author: BrianKrebs| Date: Sat, 28 Dec 2019 01:49:05 +0000

Synoptek, a California business that provides cloud hosting and IT management services to more than a thousand customer nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. The company has reportedly paid a ransom demand in a bid to restore operations as quickly as possible. Irvine, Calif.-based Synoptek is a managed service provider that maintains a variety of cloud-based services for more than 1,100 customers across a broad spectrum of industries, including state and local governments, financial services, healthcare, manufacturing, media, retail and software. The company employs nearly a thousand employees and brought in more than $100 million in revenue in the past year.

Independent Krebs

Ransomware Gangs Now Outing Victim Businesses That Don’t Pay Up

December 16, 2019 admin BleepingComputer, Lawrence Abrams, maze ransomware, ransomware, rEvil, Sodinokibi, The Coming Storm

Credit to Author: BrianKrebs| Date: Tue, 17 Dec 2019 02:21:23 +0000

As if the scourge of ransomware wasn’t bad enough already: Several prominent purveyors of ransomware have signaled they plan to start publishing data stolen from victims who refuse to pay up. To make matters worse, one ransomware gang has now created a public Web site identifying recent victim companies that have chosen to rebuild their operations instead of acquiescing to their tormentors.

Independent Krebs

Ransomware at Colorado IT Provider Affects 100+ Dental Offices

December 7, 2019 admin complete technology solutions ransomware, herb miner, medix dental, PerCSoft, ransomware, rEvil, Sodinokibi, thomas terronez

Credit to Author: BrianKrebs| Date: Sat, 07 Dec 2019 21:17:24 +0000

A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack this week that is disrupting operations for more than 100 dentistry practices, KrebsOnSecurity has learned. Multiple sources affected say their IT provider, Englewood, Colo. based Complete Technology Solutions (CTS), was hacked, allowing a potent strain of ransomware known as “Sodinokibi” or “rEvil” to be installed on computers at more than 100 dentistry businesses that rely on the company for a range of services — including network security, data backup and voice-over-IP phone service.

MalwareBytes Security

Threat Spotlight: Sodinokibi ransomware attempts to fill GandCrab void

July 18, 2019 admin 177a571d7c6a6e4592c60a78b574fe0e, bf9359046c4f5c24de0a9de28bbabd14, caas, Cisco Talos, crime-as-a-service, CVE-2018-8453, CVE-2019-2725, e713658b666ff04c9863ebecb458f174, FruitArmor APT, gandcrab, Heaven's Gate, malvertising, managed service providers, msp hack, Oracle WebLogic vulnerability, raas, Ransom.Sodinokibi, ransomware, Ransomware as a Service, rEvil, salsa20, shadow copy, Sodin, Sodinokibi, threat spotlight, volume snapshot service, vss, Win32k vulnerability, zero-day vulnerability

Credit to Author: Jovi Umawing| Date: Thu, 18 Jul 2019 17:58:26 +0000

There’s a new ransomware-as-a-service (RaaS) in town, and it can twist tongues for giggles as much as twist organizations’ arms for cash. Get to know the Sodinokibi ransomware, including how to protect against this fledgling threat.

Categories:

Threat spotlight

Tags: 177a571d7c6a6e4592c60a78b574fe0e bf9359046c4f5c24de0a9de28bbabd14 caas Cisco Talos crime-as-a-service CVE-2018-8453 CVE-2019-2725 e713658b666ff04c9863ebecb458f174 FruitArmor APT gandcrab Heaven’s Gate malvertising managed service providers msp hack Oracle WebLogic vulnerability raas Ransom.Sodinokibi ransomware Ransomware as a Service revil salsa20 shadow copy sodin Sodinokibi volume snapshot service vss Win32k vulnerability zero-day vulnerability

Independent Krebs

Is ‘REvil’ the New GandCrab Ransomware?

July 15, 2019 admin Cisco Talos, gandcrab, Intel471, kaspersky lab, Ne'er-Do-Well News, rEvil, Sodin, Sodinokibi, Tesorion, The Coming Storm

Credit to Author: BrianKrebs| Date: Mon, 15 Jul 2019 15:58:30 +0000

The cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims. But a growing body of evidence suggests the GandCrab team have instead quietly regrouped behind a more exclusive and advanced ransomware program known variously as “REvil,” “Sodin,” and “Sodinokibi.”