Sodinokibi ransomware

Pierluigi Paganini September 10, 2020
SeaChange video delivery provider discloses REVIL ransomware attack

US-based supplier of video delivery software solutions, SeaChange International, revealed that a ransomware attack disrupted its operations in Q1 2020. SeaChange International, a US-based supplier of video delivery software solutions, revealed that a ransomware attack has disrupted its operations during the first quarter of 2020. SeaChange’s customers include major organizations such as BBC, Cox, Verizon, […]

Pierluigi Paganini June 02, 2020
Sodinokibi ransomware operators leak files stolen from Elexon electrical middleman

The REvil/Sodinokibi ransomware operators have leaked the files allegedly stolen from the UK power grid middleman Elexon. In May Elexon, a middleman in the UK power grid network, was the victim of a cyber attack, its systems have been infected with the Sodinokibi ransomware. The incident impacted only affected the internal IT network, including the […]

Pierluigi Paganini May 11, 2020
Sodinokibi ransomware uses MS API to encrypt open and locked files

Researchers warn of a new feature implemented in the Sodinokibi ransomware, the threat can now encrypt open and locked files. The Sodinokibi ransomware (REvil) continues to evolve, operators implemented a new feature that allows the malware to encrypt victim’s files, even if they are opened and locked by another process. Many applications lock files to prevent […]

Pierluigi Paganini May 09, 2020
Sodinokibi gang hacked law firm of the celebrities and threatens to release the docs

The Sodinokibi ransomware gang stolen gigabytes of legal documents from the law firm of the stars, Grubman Shire Meiselas & Sacks (GSMLaw). The Sodinokibi ransomware group claims to have stolen gigabytes of legal documents from the entertainment and law firm Grubman Shire Meiselas & Sacks (GSMLaw) that has dozens of international stars and celebrities among […]

Pierluigi Paganini April 24, 2020
SeaChange video delivery software solutions provider hit by Sodinokibi ransomware

The popular SeaChange video platform is the latest victim of the Sodinokibi Ransomware gang, which is threatening to leak the stolen data. SeaChange International, the multinational supplier of video delivery software solutions, was the victim of the Sodinokibi Ransomware gang. The crew has published images of the data they claim to have stolen before encrypting the […]

Pierluigi Paganini April 13, 2020
Sodinokibi Ransomware crew chooses Monero for ransom payments

The crew behind the Sodinokibi Ransomware plans to stop accepting Bitcoin and switched on Monero cryptocurrency to hide the money trail. The gang behind the Sodinokibi Ransomware has started accepting the Monero cryptocurrency instead of Bitcoin to make it harder investigation by law enforcement agencies. The crew is planning to doesn’t allow bitcoin payments in […]

Pierluigi Paganini March 09, 2020
Sodinokibi Ransomware operators threaten to leak ‘dirty’ financial data of a company

Sodinokibi Ransomware operators are threatening to leak a company’s “dirty” financial secrets because they did not pay the ransom. The operators behind the infamous Sodinokibi Ransomware are threatening to publicly release the “dirty” financial secrets of a company that refused to pay the ransom. In December, for the first time, the crime gang behind the Maze […]

Pierluigi Paganini May 01, 2019
Crooks exploit Oracle WebLogic flaw to deliver Sodinokibi Ransomware

Threat actors are exploiting a recently patched critical Oracle WebLogic Server vulnerability to deliver the Sodinokibi ransomware to organizations. Threat actors are delivering a new piece of malware, tracked as Sodinokibi, by exploiting a recently patched Oracle WebLogic Server vulnerability. Oracle WebLogic Server is a Java EE application server currently developed by Oracle Corporation, it […]