One of the most productive and successful ransomware gangs in the world found a new trick to attack victims her. Scans networks to locate point of sale (PoS) devices. The ransomware team behind this technique is the well-known Sodinokibi or REvil. This group appeared in April 2019 and has become one of the most devastating ransomware gangs in the world.
Great and famous Companies have fallen victim to Sodinokibi ransomware, with attackers demanding a ransom of hundreds of thousands of dollars or even millions in order to give the decryption key.
In many cases, victims feel they have no choice but to pay ransom.
“Scanning systems for PoS software is interesting, as it is not something we see happening alongside ransomware attacks", Wrote the Symantec researchers.
"It will be interesting to see if it was just something that happened in this campaign, or if it is going to be a new tactic to be adopted by ransomware gangs."
The new scanning technique for PoS Appliances was detected in a targeted Sodinokibi campaign food and health care services and sectors. The victims are large companies that can pay large sums of money.
Whatever the reason Sodinokibi team is looking for credit cards and payment information, the fact that it is one of the largest ransomware gangs does not change.
"One thing is clear hackers who use Sodinokibi are evolved and specialized "And there is no sign that they will stop their malicious activities soon," the researchers said.