Sodinokibi ransomware is hardly three months old yet well known among cybersecurity professionals. Also known as Sodin and REvil, the ransomware has an apparent connection with the infamous, but now defunct, GandCrab ransomware.
Sodinokibi is a Ransomware as a Service (RaaS), like GandCrab, but believed to be more advanced. The threat has been equally targeting businesses and consumers since around May. Towards the end of May, the threat actors behind GandCrab announced their retirement, though many expressed skepticism over whether the team would truly walk away from their successful money-making scheme. It appears the group reemerged putting a spin on an old product with the introduction of the new Sodinokibi product. This ransomware is following an affiliate revenue system, which allows other cybercriminals to spread it through several vectors.
To learn more about the attack methods, infection symptoms, and how to protect your system, visit here.