Sodinokibi Ransomware Exposes Data of a Firm That Failed To Pay Ransom on Time

Sodinokibi, one of the popular ransomware groups which infected New York airport system and Travelex recently, is now acting upon its words. The group, as usual, threatened its victims to pay ransomware within the stipulated time in exchange for their stolen data. And when a firm failed to do so, it just released 337MB worth of its data publicly!

Standing By Promise

This is the first time Sodinokibi did it. Not the attack, but disclosing the data. On 11th January this year, the hackers posted links to data files of Artech Information Systems, which identifies itself as one of the largest IT staffing companies in the U.S. Further, it warned them as,

“This is a small part of what we have. If there are no movements, we will sell the remaining, more important and interesting commercial and personal data to third parties, including financial details.”

While the Artech groups deny the data belonging to them, it has taken its website offline for an unknown reason. No spokesperson from the company has responded to any of the requests yet.

Sodinokibi Ransomware
Image By Wikipedia

Sodinokibi, also known as REvil was been significant in 2018-19 timeline. From the research of several security firms, Sodinokibi is either an evolvement of GandCrab or in association with it, which caused around 40% of ransomware attacks in its active period.

This malicious groups operate generally as other players but strongly and quickly. It infects primarily by sending malicious links and dumping payload after accessing the systems. It later hides from threat detectors and steals data from the system to be transported to the attacker. Other victims of Sodinokibi are CDH Investments, New York airport, Travelex.

The hacker group is reported to coming at the finals settlements with Travalex’s deal. It’s touted that the group first demanded $3 million as ransom, but doubled the amount you $6 million and threatened Travelex to pay within the stipulated time. Sodinokibi is confident about Travalex’s pay, as in reply to BleepingComputer, the ransom group confirmed that the deal between victim and them will be mutually beneficial.

LEAVE A REPLY

Please enter your comment!
Please enter your name here