Threat Spotlight: Sodinokibi ransomware attempts to fill GandCrab void

Sodinokibi, also known as Sodin and REvil, is hardly six months old, yet it has quickly become a topic of discussion among cybersecurity professionals because of its apparent connection with the infamous-but-now-defunct GandCrab ransomware. On May 31, the threat actors behind GandCrab formally announced their retirement, detailing their plan to cease selling and advertising GandCrab in a dark … [Read more...]

A week in security (January 15 – January 21)

Last week on Labs, we gave you some background information about cookies, specifically which ones to worry about and why. We also warned you about scams surrounding the Mega Millions winner, who promised to donate his money to good causes. We analyzed a cryptocurrency miner using a very old technique called Heaven’s Gate to make injections into 64-bit processes from 32-bit loaders. On top of … [Read more...]

A coin miner with a “Heaven’s Gate”

You might call the last two years the years of ransomware. Ransomware was, without a doubt, the most popular type of malware. But at the end of last year, we started observing that ransomware was losing its popularity to coin miners. It is very much possible that this trend will grow as 2018 progresses. From the point of view of the victim, this is a huge relief, because miners are not as much of … [Read more...]