New REvil samples indicate the comeback of the REvil gang
By MYBRANDBOOK
An analysis of new ransomware samples has revealed that the notorious ransomware operation known as REvil has resumed after six months of inactivity.
Known as Ransomware Evil, REvil is a ransomware-as-a-service (RaaS) scheme attributed to a Russia-based group known as Gold Southfield. Earlier this year, several members belonging to the cybercrime gang were arrested by Russia's Federal Security Service.
The sample was found not to encrypt files; it only adds a random extension, and an error has been introduced in the functionality that renames files that are being encrypted. The researchers noted that the Gold Southfield malware uses much of the same source code as older REvil samples and much of the same infrastructure to host and disclose its victims.
Analysis of these samples indicates that the developer has access to REvil's source code, reinforcing the likelihood that the threat group has reemerged. The identification of multiple samples with varying modifications in such a short period of time and the lack of an official new version indicate that REvil is under heavy active development once again.
Operational since 2019, the ransomware group made headlines last year for its high-profile attacks on JBS and Kaseya, prompting the gang to formally shut down in October 2021 after a law enforcement action hijacked its server infrastructure.
The RaaS model has proven highly lucrative for the group, as REvil and its members have hauled in millions of dollars in extortion and ransom payments. After the recent resurgence, experts warn that ransomware incidents could see a jump as one of the most prolific operations returns.