
Sodinokibi Ransomware crew chooses Monero for ransom payments


The crew behind the Sodinokibi ransomware plans to stop accepting Bitcoin and has switched to the Monero cryptocurrency to hide the money trail.

The gang behind the Sodinokibi ransomware has started accepting the Monero cryptocurrency instead of Bitcoin to make investigation by law enforcement agencies harder.

The crew is planning to disallow Bitcoin payments in the future.

The use of the Tor anonymity network to make Monero payments makes it impossible to trace the funds and attempt to de-anonymize the threat actors behind the campaign.

Any transaction in the Monero cryptocurrency scheme is anonymous due to the CryptoNote application layer protocol and the obfuscation implemented in the protocol.

Sodinokibi operators announced that they will remove Bitcoin as an accepted payment method.

“In this regard, we inform you that after a while the BTC will be removed as a payment method. Victims need to begin to understand the new cryptocurrency, as well as other interested parties who work with us,” Sodinokibi operators declared.

“On the Sodinokibi Tor payment site, the ransomware operators have already started to move away from bitcoin by making Monero the default payment currency,” reported BleepingComputer.

To discourage the use of Bitcoin, the crooks increase the Bitcoin ransom amount by 10% compared to the Monero one.

The Sodinokibi operators are also offering a discount to the companies that assist their victims in paying the ransom. In many cases, victims of ransomware pay companies to assist them in recovering the data and, if necessary, to contact the ransomware gang to pay for the decryptor. Sodinokibi operators are offering these companies a significant discount that could be added to their fee.

“Companies that assist our victims in acquiring the decryptor will be pleasantly surprised by the% discount on the amount of the ransom. In order to start working with us, it is enough to write in a chat and introduce yourself as a company of this type of activity. Our collaboration is completely anonymous. We do not disclose the data of our partners,” state the ransomware operators.


Pierluigi Paganini

(SecurityAffairs – ransomware, hacking)
