The operators behind Sodinokibi Ransomware have published the download links to archives containing data allegedly stolen from the US firm Kenneth Cole Productions.
The news was first reported by the Under the Breach research group.
Sodinokibi (aka REvil) is available in the underground market as a Ransomware-as-a-Service model, the gang behind the Sodinokibi ransomware has been very active in the US in recent months, in December, CyrusOne, one of the major US data center provider, was hit by the same ransomware. In January, Synoptek, a California-based IT service provider decided to pay the ransom to decrypt its files after being infected with the Sodinokibi ransomware.
Kenneth Cole Productions, Inc. is an American fashion house founded in 1982 by Kenneth Cole.
The Sodinokibi ransomware operators claim to have stolen over 70,000 documents with financial and work data, and more than 60,000 records of company customers.
The Sodinokibi gang requested the payment of a ransom and threatens to leak online the full dump containing stolen data in case the company will decide to not meet the request.
“Kenneth Cole Productions, you have to hurry,” the ransomware operators said. “When time is up and there is no feedback from you, the entire cloud data will be published, including your customers’ personal data.”
In January the Sodinokibi operators published data from another victim, the US IT staffing company Artech Information Systems
In December, for the first time, the crime gang behind the Maze ransomware, decided to blackmail the victims and force them to pay the ransom.
This move is shocking and brings the ransomware attack to a higher level of threat, we can expect that other cybercrime gangs will adopt a similar strategy to blackmail the victims and force them to pay the ransom.
Other groups, such as the Nemty Ransomware and BitPyLock gangs adopted the same technique in January 2020.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Kenneth Cole)
[adrotate banner=”5″]
[adrotate banner=”13″]
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.…
The U.S. Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer…
Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics…
Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November…
A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute…
This website uses cookies.