News

EDR: Old service is a door opener for Emotet, REvil & Co

Check Point Research has discovered a software service that has been helping hackers bypass EDR (Endpoint Detection & Response) protection for over six years. The software service serves as a door opener for Emotet, REvil, Maze and other malware. Beneficiaries of the TrickGate service include well-known malware such as Cerber, Trickbot, Maze, Emotet, REvil, Cobalt Strike, AZORult, Formbook and AgentTesla - a colorful parade from the top malware lists Check Point releases monthly. Old service levers out EDR: TrickGate is transformative and changes regularly, which helped keep it…

Ransom Cartel ransomware-as-a-service comes from REvil?

IT security provider Palo Alto Networks and its malware analysis team Unit42 report new findings on "Ransom Cartel" - a ransomware-as-a-service (RaaS) provider that first surfaced in mid-December 2021. Technically, there is overlap with the REvil ransomware. This group of criminals performs dual ransomware attacks and shares several similarities and technical overlaps with REvil ransomware. REvil ransomware disappeared just months before the ransomware cartel emerged and just a month after 14 of its suspected members were arrested in Russia. When Ransom Cartel first emerged, it was unclear if it...

Ransomware Report: LockBit by far the most active

As in the previous months, LockBit remained by far the most active ransomware in August. Only then does triple extortion follow: the attack with DDoS in addition to encryption and blackmail. At least that is what the current August ransomware report by Malwarebytes shows. Malwarebytes' threat intelligence team attributed 62 attacks to the ransomware group in August 2022 (compared to 61 attacks in July 2022 and 44 attacks in June 2022). For REvil, however, Malwarebytes only noted one attack in August. RansomEXX reports its first victim in four months and Snatch reports after 40 days...

Ransomware Report: LockBit, Black Basta and even REvil

The July 2022 ransomware report from Malwarebytes shows little news. LockBit and Black Basta continue to lead in attack statistics. What is new, however, is the appearance of the ransomware REvil (also known as Sodinokibi), which was believed to be dead. As in previous months, LockBit remains by far the most active ransomware. Malwarebytes' threat intelligence team attributed 61 attacks to the ransomware group in July 2022 (compared to 44 attacks in June 2022 and 73 attacks in May 2022). Black Basta, a relatively new ransomware variant that first appeared in April 2022, follows LockBit with 35…

Are Phantom Squad and REvil back?

Of particular concern, according to Radware, is the fact that ransomware DoS (RDoS) groups are becoming ever more sophisticated and launching increasingly sophisticated attacks. There are early indications that Phantom Squad and REvil are active again. In the past few months, Radware researchers have observed a significant increase in DDoS activity around the world. The tactics, techniques, and procedures (TTPs) employed by different groups are evolving, threatening target companies in the US, Asia, and Europe. Is Phantom Squad back? After a five-year hiatus, a new ransomware letter has been circulated…

2021: Ransomware payments hit new record

Ransomware payments hit a new record in 2021 as more and more data is offered on the dark web. A recent study by Palo Alto Networks Unit 42 shows the average ransom demand up 144 percent to $2.2 million and the average payment up 78 percent to $541,010. Ransomware payments hit new records in 2021 as cybercriminals increasingly turn to dark web "leak sites". By threatening to release sensitive data, they pressure their victims into paying. This is reported by Unit 42 of Palo Alto Networks (NASDAQ: PANW), worldwide...

REvil: Record of a gang of cyber extortionists

REvil has been one of the most prolific ransomware-as-a-service campaigns in recent memory. Thousands of technology companies, managed service providers, and organizations from a wide variety of industries worldwide have been among their victims. Bitdefender draws the preliminary balance sheet of an extortion enterprise. The cooperation between security authorities and IT experts led to great success in the second half of 2021. Joint efforts were necessary because the cyber criminals also cooperated successfully. The experts at Bitdefender Labs take stock of the – perhaps only temporary – failure of a successful wave of ransomware-as-a-service. International strikes against REvil backers: Most recently, international investigators struck heavy blows against the criminal REvil backers: In…

Russian authorities are said to have broken up the REvil group

As reported by Tagesschau.de, the Russian authorities state that they tracked down and smashed the hacker group REvil. Hackers from the REvil group are said to be behind thousands of ransomware attacks, such as on the American IT service provider Kaseya and its 40,000 business customers. As reported by Tagesschau.de, the US has asked the Russian authorities whether reports of the hacker group REvil being broken up are true. According to their own statements, Russian investigators have now dissolved the REvil infrastructure. The domestic secret service FSB announced that the illegal activities of the members had been smashed. During searches at 14 places of residence, money and equipment were...

REvil decryptor saved over $500 million

Bitdefender released the REvil decryptor back in September, which was able to restore data encrypted by REvil ransomware. The security provider Bitdefender not only developed the tool, but also helped a lot in breaking up the organization. Romanian authorities have also made arrests as part of the REvil investigation. These are some of the results of Operation GoldDust, a coordinated action involving 19 law enforcement agencies in Australia, Belgium, Canada, France, Germany, the Netherlands, Luxembourg, Norway, Poland, Romania, South Korea, Sweden, Switzerland, Kuwait, the United Kingdom and the United States as well as Europol, Interpol and Eurojust involved ...

REvil: Access by ransomware group - $6 million ransom found

In an internationally coordinated operation, investigators arrested several affiliates of the ransomware-as-a-service REvil, imposed sanctions and seized $6.1 million in ransom money. German investigators were also involved in the "GoldDust" operation. Among those arrested is the Ukrainian Yaroslav Vasinskyi, who is said to be responsible for the attack on the Kaseya company and its customers. Kimberly Goody, Mandiant's director of financial crime analysis, offers a statement on the investigators' recent accomplishments and their implications for cybersecurity. Operation 'GoldDust' also catches backers: "These recent events show that...
