Last weekend, one of Argentina’s largest internet providers, Telecom Argentina, suffered from REvil (Sodinokibi) ransomware attack. Malware has infected about 18,000 computers, and now REvil operators demand $7.5 million from the company. The ZDNet magazine writes that the attackers managed to gain domain administrator rights, thanks to which the ransomware quickly spread to 18,000 workstations.… Continue reading REvil Operators Demand $7.5 Million Ransom from Argentine Internet Provider
Tag: REvil
IS specialists studied working methods of the REvil (Sodinokibi) ransomware operators
Information security specialists of the Danish provider KPN applied sinkholing to REvil (Sodinokibi) cryptographic servers and studied the working methods of one of the largest ransomware threats today. Recall that REvil works under the “ransomware as a service” (RaaS) scheme, which means malware is leased to various criminal groups. “Because there are many groups, as… Continue reading IS specialists studied working methods of the REvil (Sodinokibi) ransomware operators
Citrix releases new patches, racing with the hackers that install encryptors on vulnerable machines
Destructive race: Citrix releases new patches, and hackers are actively attacking vulnerable servers and installing encryption engines on them. It seems that users are losing. At the beginning of this year was discovered CVE-2019-19781 vulnerability, which affects a number of versions of Citrix Application Delivery Controller (ADC), Citrix Gateway, as well as two old versions… Continue reading Citrix releases new patches, racing with the hackers that install encryptors on vulnerable machines