Friday, October 23, 04:25

Sodinokibi ransomware: Scans networks for PoS devices


One of the most productive and successful ransomware gangs in the world has found a new trick for attacking its victims: it scans networks to locate point of sale (PoS) devices. The ransomware team behind this technique is the well-known Sodinokibi, also known as REvil. This group appeared in April 2019 and has become one of the most devastating ransomware gangs in the world.

Large, well-known companies have fallen victim to Sodinokibi ransomware, with the attackers demanding ransoms of hundreds of thousands or even millions of dollars in exchange for the decryption key.

In many cases, victims feel they have no choice but to pay the ransom.

Now, researchers at Symantec have discovered that the hackers behind Sodinokibi ransomware are using a new technique in their campaigns. Before encrypting victims' compromised networks, they scan them for PoS devices.

This technique can be used to make more money from other campaigns. The hackers can also use the payment data directly to attack accounts, or sell it on underground forums.


The Sodinokibi gang regularly uses techniques for stealing and exploiting victims' data. Along with the hackers behind the Maze ransomware, it publishes information stolen from victims who do not pay the ransom.

"Scanning systems for PoS software is interesting, as it's not something we see happening in parallel with ransomware attacks," wrote the Symantec researchers.

"It will be interesting to see if it was just something that happened in this campaign, or if it is going to be a new tactic that will be adopted by ransomware gangs."

The new technique of scanning for PoS devices was detected in a Sodinokibi campaign targeting the food, health care and services sectors. The victims are large companies that can pay large sums of money.

Whatever the reason the Sodinokibi team is looking for credit card and payment information, the fact remains that it is one of the largest ransomware gangs.

"It simply came to our notice that the hackers who use Sodinokibi are evolved and specialized, and there is no sign that they will stop their malicious activities any time soon," the researchers said.

Sodinokibi ransomware exploits vulnerabilities to gain access to victims' networks. Therefore, one of the best ways to protect an organization is to update its systems regularly.

