A new ransomware strain called Sodinokibi has been detected in the wild, targeting businesses and individuals. The ransomware is distributed via compromised Remote Desktop Protocol (RDP) servers and is spread through malicious email attachments. Once it is installed on a system, it encrypts files and demands a ransom payment in Bitcoin.
Sodinokibi is a particularly dangerous type of ransomware as it is able to spread quickly and effectively, making it difficult to contain. It is also capable of exfiltrating data from compromised systems, adding to the urgency of stopping the infection.
Security researchers have identified Sodinokibi as a variant of the GandCrab ransomware that was first discovered in January 2018. The ransomware is distributed through malicious emails that contain a link to download the malicious payload. Once the payload is downloaded, it is installed on the system and begins encrypting files. It then displays a ransom note demanding payment in Bitcoin.
Sodinokibi is a serious threat to businesses and individuals alike. It is important to take steps to protect your systems from this type of attack, such as using strong passwords, keeping systems up to date, and using a reliable antivirus program. Additionally, it is important to backup important data regularly, so that if a system is infected, the data can be restored.