Sodinokibi Ransomware Spreads Wide via Hacked MSPs, Sites, and Spam
#1
Quote:With the GandCrab Ransomware operation shutting down, affiliates are looking to fill the hole left behind with other ransomware. Such is the case with the Sodinokibi Ransomware, whose affiliates are using a wide range of tactics to distribute the ransomware and earn a commission.
 
This is shown in a wave of attacks involving the hacking of legitimate sites and replacing a download with GandCrab, hacking into managed service providers (MSPs) to push Sodinokibi to managed endpoints, and by utilizing spam campaigns for a wide net.
 
All of these distribution campaigns end with the same result; a victim who has their files encrypted and a ransom note explaining how to pay a ransom to get them back.
 
[Image: ransom-note.jpg]
Sodinokibi Ransom Note

Continue reading here: https://www.bleepingcomputer.com/news/se...-and-spam/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
QOwnNotes 19.1.6
25.1.3 The  --...Kool — 15:23
AppCheck Anti-Ransomware 3.1.39.3
Version 3.1.39.3 (...harlan4096 — 07:51
Antivirus Removal Tool 2025.01 (v.1)
An updated version...harlan4096 — 07:48
GFYI [Official] IObit Christmas 2024 Bl...
Merry Christmas and ...divinenews — 19:11
GFYI [Official] Ashampoo Christmas 2024...
Merry Christmas and ...dhruv2193 — 16:55

[-]
Birthdays
Today's Birthdays
avatar (38)ixofehym
Upcoming Birthdays
avatar (49)theoldevext
avatar (44)algratCep
avatar (49)Qlaude2Sap
avatar (43)tabthinLem
avatar (50)Josepharelf
avatar (39)kholukrefar
avatar (48)Lauraimike
avatar (50)WilsonWag
avatar (48)StevenPiole
avatar (39)zetssToomy
avatar (46)GornOr
avatar (44)StephenViedy
avatar (49)Jamesmog
avatar (37)opeqyrav
avatar (38)theatidere
avatar (47)denisEquivok
avatar (35)mikebrian01
avatar (37)ivanoFloom
avatar (40)uxegihor

[-]
Online Staff
There are no staff members currently online.

>