"REvil Group Claims Slew of Ransomware Attacks"

The REvil ransomware threat group, also known as the Sodinokibi ransomware gang, claims to have infected nine organizations across Africa, Europe, Mexico, and the United States over the past two weeks.  The organizations supposedly affected include two law firms, an insurance company, an architectural firm, a construction company, and an agricultural co-op, all located in the United States.  The other organizations affected include two large international banks (one in Mexico and one in Africa) and a European manufacturer.  Researchers at eSentire stated that REvil cybercriminals posted documents on underground forums that purported to be from the victims’ systems, including company computer file directories, partial customer lists, customer quotes, and copies of contracts. The Researchers also stated that the threat group also posted what appears to be several official IDs, either belonging to an employee or a customer of the victim companies.  The researchers are not 100 percent sure the claims are accurate.  However, after reviewing several of the documents that the Sodinokibi ransomware gang claims are from their new victims, the researchers found that many appear authentic.  

Threatpost reports: "REvil Group Claims Slew of Ransomware Attacks"