Report shines light on REvil's depressingly simple tactics: Phishing, credential-stuffing RDP servers... the usual

Palo Alto Networks' global threat intelligence team, Unit 42, has detailed the tactics ransomware group REvil has employed to great impact so far this year – along with an estimation of the multimillion-dollar payouts it's receiving. REvil, also known as "Ransomware Evil" or "Sodinokibi," first hit the cybersecurity scene …

  1. Anonymous Coward

    No one is safe?

    Let me see you infect my Commodore 64 over my shitty dial up connection. What's that, you'll have to get back to me once you've found something that'll fit on a low density floppy disk? And convince me to download it? And save it to disk? And reload it every time I turn it on? And to upload copies to all those BBS' that run on everything from Ataris, Amigas, and TRS80s? Have you spotted the problem yet?

    1. Blazde

      Re: No one is safe?

      Entertain us.. just how bad does El Reg look on that Commodore?

  2. MarkSitkowski

    Think positive, guys. Everyone is missing a golden opportunity at retribution.

    It's a well-known fact that the Russian government only turns a blind eye to their hackers if they attack foreign targets.

    How difficult can it be to use REvil's malware and delivery mechanism to execute a ransomware attack on Russia's state bank/power grid/hospital system etc?

    Put the ransom money into REvil's bitcoin account, and let them enjoy it. Briefly.

    Just for fun, it should be quite easy to spoof the originating address to be that of some random Russian server - perhaps in KGB headquarters.

    Once they've traced it all back to REvil, there will be a few free Siberian holidays handed out.

    1. Anonymous Coward

      It would only take a single NOT statement, in the code block that prevents REvil from running on Russian-language computers...

  3. Grinning Bandicoot

    Has the tipping point been reached?

    The targets and the moneys involved have become so substantial that mercenaries might seem to be a viable option. Removal of those thought to be involved by mercenaries, notwithstanding any type of proof, would be a true game changer. As it stands at present, these groups only face a low-level mental risk; adding a physical risk to anyone possibly involved would be interesting.

