New REvil samples indicate the comeback of the REvil gang
By MYBRANDBOOK
An analysis of new ransomware samples has revealed that the notorious ransomware operation known as REvil has resumed after six months of inactivity.
Known as Ransomware Evil, REvil is a ransomware-as-a-service (RaaS) scheme attributed to a Russia-based group known as Gold Southfield. Earlier this year, several members belonging to the cybercrime gang were arrested by Russia's Federal Security Service.
The sample was found not to encrypt files, only adding a random extension to them; an error has been introduced in the functionality that renames files that are being encrypted. The researchers noted the Gold Southfield malware uses much of the same source code as older REvil samples and much of the same infrastructure to host and disclose its victims.
Analysis of these samples indicates that the developer has access to REvil's source code, reinforcing the likelihood that the threat group has reemerged. The identification of multiple samples with varying modifications in such a short period of time and the lack of an official new version indicate that REvil is under heavy active development once again.
Operational since 2019, the ransomware group made headlines last year for their high-profile attacks on JBS and Kaseya, prompting the gang to formally shut down in October 2021 after a law enforcement action hijacked its server infrastructure.
The RaaS model has proven itself to be highly lucrative for the group, as REvil and its members have hauled in millions of dollars in extortion and ransom payments. After the recent resurgence, experts warn that ransomware incidents could potentially see a jump as one of the most prolific operations returns.