Thursday, June 2, 2022

Russia-based cybercriminal group Evil Corp has shifted to a Ransomware-as-a-Service model to evade sanctions

What a time to be alive.

From TechCrunch:

Evil Corp hackers evolve ransomware tactics to dodge US sanctions

The Russia-based cybercriminal group known as Evil Corp has shifted to a ransomware-as-a-service model in an effort to skirt U.S. sanctions, according to research from cybersecurity firm Mandiant.

The U.S. Treasury’s Office of Foreign Assets Control, or OFAC, sanctioned Evil Corp in December 2019, citing the group’s extensive development of Dridex malware, which the gang used to steal more than $100 million from hundreds of banks and financial institutions.

Since, Mandiant researchers have observed a number of ransomware intrusions attributed to a threat actor which it tracked as an as-of-yet uncategorized threat group dubbed UNC2165, which the threat intelligence firm says shares “numerous overlaps” with Evil Corp and likely represents another evolution in Evil Corp affiliated actors’ operations.

UNC2165 is a group that Mandiant has tracked since 2019, which almost-exclusively obtains access to networks through an infection chain which Mandiant calls “FakeUpdates,” in which victims are tricked into opening under the guise of a browser update. This was a tactic also used as an infection vector for Dridex infections and was later used by Evil Corp attackers to deploy BitPaymer and WastedLocker, two ransomware variants developed by the sanctioned hacking group.

UNC2165 has also deployed the Hades ransomware, which has code and functional similarities to other ransomware believed to be associated with Evil Corp-affiliated threat actors....

....MUCH MORE

They have an affiliate program? 

Previously: 
 
And the outro when they hit CNA Financial: 
The hackers are probably just taking out their naming trademarks frustration:
From 2016's
21st Century Headlines
Super Evil Megacorp starts team-franchise program to energize Vainglory...
I would expect nothing less from SEMC.

According to CrunchBase, Super Evil Megacorp has raised $42 million in three venture rounds.
I'd buy it just for the name. But wasn't invited.....