[MART] - Daily Diary #377 - Ransomware Gangs Manifest After REvil Disruption

CTAS-MAT ctas-mat at appgate.com
Tue Oct 26 17:56:49 UTC 2021

I hope everyone is doing well!

Below is the entry for today.

10/26/2021 - Diary entry #377

In our Daily Diary #375, we covered FBI's most recent strike against Sodinokibi (a.k.a. REvil). Since the operation, Sodinokibi's Happy Blog, their wall-of-shame where they publish stolen data from victims that refused to pay the ransom, is offline.

After the incident, some ransomware gangs started to retaliate. Groove Ransomware published in their deep-web blog a Russian note, condemning US actions to disrupt REvil. Groove also calls for other ransomware gangs to focus on US interests, aiming the US public sector in their next attacks.

Conti Ransomware, one of the many monitored by our team's Ransom Tracker, also published a note on their website. Ironically, they condemn FBI's offensive actions, alleging that REvil servers were illegally hacked.

Other ransomware gangs also manifested after REvil disruption. It's not clear if those notes will effectively cause a raise in ransomware attacks in the US, but we highly recommend to government agencies to reinforce their cyber-security measures, adopting a zero trust model to contain any damage from this kind of attack.

Kind Regards,


[https://d3aafpijpsak2t.cloudfront.net/images/Signature/likedin@2x.png]<https://www.linkedin.com/company/appgate-security/>     [https://d3aafpijpsak2t.cloudfront.net/images/Signature/twitter@2x.png] <https://twitter.com/AppgateSecurity>   [https://d3aafpijpsak2t.cloudfront.net/images/Signature/youtube@2x.png] <https://www.youtube.com/channel/UC-8GvxcZbm-R3EJNl8jYjiQ>

Felipe Duarte Domingues
Security Researcher

E: felipe.duarte at appgate.com<mailto:felipe.duarte at appgate.com>
O: +55 19 98840 2509

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.immunityinc.com/pipermail/mart/attachments/20211026/a89c37f4/attachment.htm>

More information about the MART mailing list