The cybersecurity researcher MalwareHunterTeam explains that their ransomware belongs to the SFile family, most likely SFile2. They started appearing around the middle of last month.
The cybersecurity experts add nearly 100 domains used in malicious operations that are still active. They steal and encrypt data, then exploit the double extortion sche
Cybersecurity researchers are concerned about a possible shift of pro-Moscow APTs following international sanctions. From espionage they would move on to "making cash".
International law enforcement agencies, after the Emotet botnet, target the malware and indict a Canadian national. He is alleged to have obtained over $27.6 million.
The threat actor: The company has been hit two times, due to the stop of the negotiations and poor cybersecurity. 2GB of leaked data published in a double extortion scheme.