Sodinokibi Ransomware Archivo

REvil ransomware reanudó los ataques

La semana pasada, la infraestructura de REvil (Sodinokibi) returned online after months of downtime, y ahora el ransomware ha reanudado los ataques. El caso es que en julio 2021, the hack group went offline without giving any reason. Then it was a question of shutting down an entire network of conventional and darknet sites that were used… Seguir leyendo REvil ransomware reanudó los ataques

REvil Operators Demand $7.5 Million Ransom from Argentine Internet Provider

Fin de semana pasado, one of Argentina’s largest internet providers, Telecom Argentina, suffered from REvil (Sodinokibi) ransomware attack. Malware has infected about 18,000 ordenadores, and now REvil operators demand $7.5 million from the company. The ZDNet magazine writes that the attackers managed to gain domain administrator rights, thanks to which the ransomware quickly spread to 18,000 workstations.… Seguir leyendo REvil Operators Demand $7.5 Million Ransom from Argentine Internet Provider

Especialistas del EI estudiaron los métodos de trabajo del REvil (Sodinokibi) operadores de ransomware

Los especialistas en seguridad de la información del proveedor danés KPN aplicaron sumidero a REvil (Sodinokibi) cryptographic servers and studied the working methods of one of the largest ransomware threats today. Recall that REvil works under the “ransomware as a service” (RaaS) esquema, lo que significa que el malware se alquila a varios grupos criminales. “Porque hay muchos grupos, como… Seguir leyendo Especialistas del EI estudiaron los métodos de trabajo del REvil (Sodinokibi) operadores de ransomware