21 June 19, 16:53
(This post was last modified: 21 June 19, 16:55 by silversurfer.)
Quote:With the GandCrab Ransomware operation shutting down, affiliates are looking to fill the hole left behind with other ransomware. Such is the case with the Sodinokibi Ransomware, whose affiliates are using a wide range of tactics to distribute the ransomware and earn a commission.
This is shown in a wave of attacks involving the hacking of legitimate sites and replacing a download with GandCrab, hacking into managed service providers (MSPs) to push Sodinokibi to managed endpoints, and by utilizing spam campaigns for a wide net.
All of these distribution campaigns end with the same result; a victim who has their files encrypted and a ransom note explaining how to pay a ransom to get them back.
Sodinokibi Ransom Note
![[Image: ransom-note.jpg]](https://www.bleepstatic.com/images/news/ransomware/s/Sodinokibi/wider-distribution/ransom-note.jpg)
Continue reading here: https://www.bleepingcomputer.com/news/se...-and-spam/
![[-]](https://www.geeks.fyi/images/collapse.png)
