News • Insights • Analysis
Once used exclusively by the cybercriminals behind REVil ransomware and the Gootkit banking trojan, GootLoader and its primary payload have evolved into an initial access as a service platform—with Gootkit providing information stealing capabilities as well as the capability to Read More …
A Ukrainian man has been sentenced to 13 years and seven months in prison for his role in conducting more than 2,500 ransomware attacks across the globe. Yaroslav Vasinskyi, 24, demanded more than $700 million in ransom payments for data Read More …
The second quarter of 2023 was characterized by thought-out, tailored and persistent waves of DDoS attack campaigns on various fronts, including: Multiple DDoS offensives orchestrated by pro-Russian hacktivist groups REvil, Killnet and Anonymous Sudan against Western interest websites. An increase Read More …
Ransom Cartel is ransomware as a service (RaaS) that surfaced in mid-December 2021. This ransomware performs double extortion attacks and exhibits several similarities and technical overlaps with REvil ransomware. REvil ransomware disappeared just a couple of months before Ransom Cartel Read More …
Since it became operational in April, Black Basta has garnered notoriety for its recent attacks on 50 organizations around the world and its use of double extortion, a modern ransomware tactic in which attackers encrypt confidential data and threaten to Read More …
REvil has emerged as one of the world’s most notorious ransomware operators. In summer 2021, it extracted an $11 million payment from the U.S. subsidiary of the world’s largest meatpacking company based in Brazil, demanded $5 million from a Brazilian Read More …
The notorious REvil ransomware gang appears to have returned from the bowels of the dark web, three months after the arrest of 14 of its suspected members, with its old website forwarding to a new operation that lists both previous Read More …
In early December 2021, a new ransomware actor started advertising its services on a Russian underground forum. They presented themselves as ALPHV, a new generation Ransomware-as-a-Service (RaaS) group. Shortly afterwards, they dialed up their activity, infecting numerous corporate victims around Read More …
A Ukrainian national accused of a major ransomware attack will face charges in Texas after his extradition from Poland, the Justice Department announced Wednesday. Yaroslav Vasinskyi, 22, is charged with unleashing ransomware known as Sodinokibi/REvil against companies including Kaseya, a Read More …
Russia has conducted a special operation against ransomware crime group REvil at the request of the United States and has detained and charged the group’s members, the FSB domestic intelligence service said on Friday. The hacker group sought by Washington Read More …