REvil’s TOR Sites Are Back With New Ransomware

Heimdal Security

Discovered in April 2019, the REvil/Sodinokibi ransomware (AKA Sodin) is a highly evasive ransomware that encrypts files and deletes the ransom request message after infection. REvil is a perfect […]. The post REvil’s TOR Sites Are Back With New Ransomware appeared first on Heimdal Security Blog.

It’s business as usual for REvil ransomware

Malwarebytes

After the FSB arrested 14 of its members in January, and a subsequent lull in action, the REvil ransomware gang appears to be back. To the trained eye, REvil’s movements seem out of sorts. The sites the nodes point to looked nothing like REvil’s. REvil ransomware: a brief look back.

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. It continues: “Prior to deploying the ransomware, Snatch threat actors were observed spending up to three months on a victim’s system.

Bitdefender released free REvil ransomware decryptor that works for past victims

Security Affairs

Researchers from Bitdefender released a free master decryptor for the REvil ransomware operation that allows past victims to recover their files for free. On July 2, the REvil gang hit the Kaseya cloud-based MSP platform impacting MSPs and their customers. The Tor leak site, the payment website “decoder[.]re”,

REvil ransomware disappears after Tor services hijacked

Malwarebytes

The REvil ransomware group has shut down their operation for the second time this year after losing control over their Tor-based domains. REvil’s first shutdown was in July 2021, after the gang successfully pulled off a supply chain attack against Managed Service Provider Kaseya. This is one of them. The comeback.

REvil Ransomware Group: The Sequel

SecureWorld News

The infamous REvil ransomware gang, also known as Sodinokibi, appears to be making a comeback after months of hiatus. A new ransomware strain has been discovered by Jakub Kroustek, the Malware Research Director at Avast, suggesting the malicious cyber group has resumed attacking organizations. September 9, 2021.

The story of the year: ransomware in the headlines

SecureList

In the past twelve months, the word “ransomware” has popped up in countless headlines worldwide across both print and digital publications: The Wall Street Journal, the BBC, the New York Times. Words like Babuk and REvil have entered the everyday lexicon. began adopting the new approach. ” in 2021.