Vulnerability in ransomware can prevent the encryption

Ransomware, REvil, Conti, LokiLocker, LockBit, AvosLocker, Black Basta Ransomware, Vulnerabilities

Not long ago, a cybersecurity analyst posted a video on YouTube in which he shows a vulnerability in ransomware samples used by well-known ransomware groups. In the footage, the expert demonstrates the exploit on a REvil ransomware sample, but half a dozen ransomware products are vulnerable to it. The crooks’ weapon…

US authorities arrest Kaseya hacker and attacker associated with REvil and GandCrab

Law enforcement agencies, as well as European and American authorities, have taken up the fight against ransomware in earnest, and the other day they arrested a Kaseya hacker. However, over the past few days, several important events have taken place at once. Operation Cyclone, which was carried out by Interpol, the law enforcement agencies of…

After REvil shut down, members of the hack group DarkSide hastily moved $7 million

Information security specialists noticed that at the end of last week, the funds of the DarkSide hack group began to move: the attackers hastily moved about $7 million to other wallets. Moreover, with each new transaction, a smaller amount is transferred, which makes the money difficult to track. The CEO and co-founder of Profero first noticed…

Media said that the REvil sites were hacked by law enforcement agencies

Reuters reports that the recent shutdown of the REvil hack group was due to law enforcement agencies hacking the hackers’ sites. Let me remind you that earlier this week the operations of the REvil ransomware were again suspended, as an unknown person hacked the group’s website, through which hackers accepted payments from victims and…

REvil ransomware stopped working again, now after hacking sites

The REvil encryptor stopped working again – all operations were stopped, as an unknown person hacked the group’s website, through which hackers accepted payments from victims and “leaked” data stolen from companies. Bleeping Computer reports that all Tor sites of the group have been disabled, and a representative of REvil posted a message on the…

Ukrainian cyber police arrested ransomware operators who “earned” $150 million

Ukrainian Cyber Police have arrested two operators of an unnamed ransomware. It is reported that the operation was carried out jointly by the Ukrainian and French police, the FBI, Europol and Interpol. The suspects are believed to have been involved in attacks on 100 North American and European companies, “earning” in this way over $…

Hack group REvil deceived their partners due to a backdoor

The researchers found that the creators of REvil deceived their partners using a scheme that allowed them to decrypt any systems blocked by the ransomware and take the entire ransom for themselves. Their partners ended up with nothing. Let me remind you that REvil (aka Sodinokibi) has existed since 2019 and is considered to be…

FBI Kept Secret Key To Decrypt Data After REvil Attacks

Journalists at The Washington Post found out how the FBI obtained the key to decrypt data affected by REvil ransomware attacks. First, a reminder of the background: last week Bitdefender published a universal utility for decrypting files affected by the attacks of the ransomware…

Added utility for decrypting data after REvil attacks

The Romanian company Bitdefender has published a universal utility for decrypting data affected by REvil (Sodinokibi) ransomware attacks. The tool works for any data encrypted before July 13, 2021. However, the company has so far refused to provide any details, citing an ongoing investigation. Let me remind you that on July 13 of this year…

REvil ransomware resumed attacks

Last week, the infrastructure of REvil (Sodinokibi) returned online after months of downtime, and now the ransomware has resumed attacks. In July 2021, the hack group went offline without giving any reason. Back then, the shutdown involved an entire network of conventional and darknet sites that were used…