Dismiss this notice
ExpressVPN Valentines 2021 Giveaway - https://www.geeks.fyi/showthread.php?tid=14246

Dismiss this notice
Internet Download Manager Giveaway - https://www.geeks.fyi/showthread.php?tid=14245

Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Evil Corp Impersonates PayloadBin Group to Avoid Federal Sanctions
#1
Information 
Quote:The criminal group Evil Corp is trying to mask its latest activity by using previously unknown ransomware called PayloadBin, according to researchers. The move is believed to be an attempt to confuse law enforcement and avoid sanctions imposed by the U.S. federal government against entities it believes are linked to Evil Corp, according to published reports.
 
Evil Corp, widely associated with the info-stealing Dridex malware, has been the target of a crackdown by U.S. authorities since 2019. As part of that effort, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) imposed sanctions against anyone or organization it believes has ties with the criminal enterprise. This action effectively prevents ransomware negotiation firms from facilitating ransom payments with Evil Corp, which limits its ability to profit from criminal activity.
 
When first discovered, researchers believed PayloadBin was related to a criminal group associated with use of malware called Babuk Locker, according to a published report. That’s because the Babuk crew recently announced it was hanging up its ransomware hat to switch to a new cybercriminal effort. Researchers then said the cybergang regrouped and introduced new tactics and branding, calling themselves “PayloadBin” at the end of May.
 
At the time, researchers thought that the Babuk crew might have changed its mind about foregoing ransomware, as the PayloadBin sample presented itself as ransomware that encrypted files and left a ransom note.
 
However, upon further inspection, researchers identified the malware as the work of Evil Corp based on previous ransomware operations of that group, according to the report, which was corroborated by security researcher Fabian Wosar on Twitter.
 
“Looks like EvilCorp is trying to pass off as Babuk this time,” Wosar tweeted. “As Babuk releases their PayloadBin leak portal, EvilCorp rebrands WastedLocker once again as PayloadBin in an attempt to trick victims into violating OFAC regulations.”

Read more: Evil Corp Impersonates PayloadBin Group to Avoid Federal Sanctions | Threatpost
[-] The following 1 user Likes silversurfer's post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username:


Password:





[-]
Recent Posts
Hackers Steal FIFA 21 Source Code, Tools...
Hackers have breac...silversurfer — 07:23
Cyberpunk 2077 Hacked Data Circulating O...
Earlier this year,...silversurfer — 07:21
Baby Clothes Giant Carter’s Leaks 410K C...
Baby clothes retai...silversurfer — 07:18
Monumental Supply-Chain Attack on Airlin...
A monster cyberatt...silversurfer — 07:16
Ashampoo Snap 12: A ‘limited-comparativ...
Wow! such a great r...jasonX — 03:46

[-]
Birthdays
Today's Birthdays
avatar (35)Julioagopy
Upcoming Birthdays
avatar (34)Tedscolo
avatar (41)brakasig
avatar (40)JamesReshy
avatar (42)Francisemefe
avatar (35)leoniDup
avatar (34)Patrizaancem
avatar (34)biobdam
avatar (35)storoBox
avatar (43)kinotHeemn
avatar (34)Ceballos1976
avatar (35)efynu
avatar (27)horancos

[-]
Online Staff
There are no staff members currently online.

>