New Malware Samples Indicate the Comeback of REvil Ransomware

New Malware Samples Indicate the Comeback of REvil Ransomware

The REvil ransomware campaign has resumed, according to new malware samples and a new Tor-based leak website.

Secureworks, which watches the REvil group as Gold Southfield, examined malware samples allegedly developed in March and April and concluded that the developer has access to the original REvil source code.

Avast said in late April that it had blocked a ransomware sample that appeared to be a new REvil strain, but that it did not encrypt files and just added a random extension. According to Secureworks, the weakness was introduced by the malware developer, and the ransomware is still in development. Secureworks outlined the differences between new samples and prior versions of REvil on Monday.

Read More: https://www.securityweek.com/new-malware-samples-indicate-return-revil-ransomware

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.