What is Sodinokibi Ransomware?

Sodinokibi (source: malwarebytes.com)
Encryption message by attackers (source: malwarebytes.com)
  • It exploits an Oracle WebLogic Server vulnerability [CVE-2019-2725]
  • It targets Windows systems [Malwarebytes]
  • Attackers are associated with the GandCrab ransomware family
  • It uses the AES and Salsa20 encryption algorithms
  • Also known as REvil and Sodin
  • IOCs (File Hashes) related to Sodinokibi:
    f0a16b0224a24647e9e8cf2f6f4479d93c8fb540a7ca656023a41f399e6c69c2
    963e31fef7c8db9e002c56ee30fd3cd4b240db466bc23687979e2f161ba5606e
    e5d23a3bb61b99e227bb8cbfc0e7f1e40fea34aac4dcb80acc925cfd7e3d18ec
  • Take a deep dive on this ransomware at acronis.com
