Sodinokibi, also known as ‘Sodin’, ransomware is a type of REvil ransomware.
It spread in September 2019 by using a zero-day vulnerability in the servers of Oracle Weblogic. Later, when the vulnerability was fixed, it continued to spread through software installers that have remote desktop servers and other backdoor vulnerabilities; and also by the tools that abuse this ransomware.
- The Evolution of Cryptocurrency Crime in the Darknet
- Battles of Dirty Money and Blockchain: How to Trace Stolen Crypto