Our friends at the FBI issued a cyber bulletin on 04 01 2020. This was no April Fool's joke, but a serious cyber warning on the Sodinokibi ransomware, also known as REvil, Bluebackground, or Sodin. Red Sky Alliance / Wapack Labs was already researching this ransomware. Last week, Jesse Burke, our Chief of Special Operations, provided a brief on Sodinokibi ransomware. Look to your right (Did you miss the March Cyber Intelligence Briefing (CIB)? Topics: Coronavirus Lures and Business Disruptions, and Sodinokibi/REvil TTPs and Timeline) and click on "Watch Now"... and listen to Jesse provide a great brief on this ransomware. Yes, we were "on it", but we respectfully share credit with the FBI.
Sodinokibi ransomware actors have adopted new tactics with the potential to increase the number of victims and potential revenue generated from their attacks. These new tactics include examining data in compromised accounts for information that could provide leverage for extortion and searching for unpatched vulnerabilities in virtual private network (VPN) servers to facilitate deployment of malware.
Link to full FBI Cyber bulletin: pin_sodinokibi_ransomware 04 01 2020.pdf