{"id":12749,"date":"2022-05-10T20:33:44","date_gmt":"2022-05-10T18:33:44","guid":{"rendered":"https:\/\/www.show.it\/new-malware-samples-indicate-return-of-revil-ransomware\/"},"modified":"2022-05-10T20:33:44","modified_gmt":"2022-05-10T18:33:44","slug":"new-malware-samples-indicate-return-of-revil-ransomware","status":"publish","type":"post","link":"https:\/\/www.show.it\/en\/new-malware-samples-indicate-return-of-revil-ransomware\/","title":{"rendered":"New Malware Samples Indicate Return of REvil Ransomware"},"content":{"rendered":"<p><strong><span><span>New malware samples and a new Tor-based leak website suggest that the REvil ransomware operation has been resumed.<\/span><\/span><\/strong><\/p>\n<p><span><span>Secureworks, which tracks the group behind REvil as Gold Southfield, has conducted an analysis of malware samples apparently created in March and April, and determined that the developer likely has access to the original REvil source code.<\/span><\/span><\/p>\n<p><a href=\"https:\/\/www.securityweek.com\/new-malware-samples-indicate-return-revil-ransomware\" target=\"_blank\" rel=\"noopener\">read more<\/a><\/p>\n<div class=\"feedflare\">\n<a href=\"http:\/\/feeds.feedburner.com\/~ff\/securityweek?a=cIPwKxH7lkY:jwLYEjl8G74:yIl2AUoC8zA\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/securityweek?d=yIl2AUoC8zA\" border=\"0\"><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/securityweek?a=cIPwKxH7lkY:jwLYEjl8G74:-BTjWOF_DHI\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/securityweek?i=cIPwKxH7lkY:jwLYEjl8G74:-BTjWOF_DHI\" border=\"0\"><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/securityweek?a=cIPwKxH7lkY:jwLYEjl8G74:dnMXMwOfBR0\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/securityweek?d=dnMXMwOfBR0\" border=\"0\"><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/securityweek?a=cIPwKxH7lkY:jwLYEjl8G74:V_sGLiPBpWU\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/securityweek?i=cIPwKxH7lkY:jwLYEjl8G74:V_sGLiPBpWU\" border=\"0\"><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/securityweek?a=cIPwKxH7lkY:jwLYEjl8G74:qj6IDK7rITs\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/securityweek?d=qj6IDK7rITs\" border=\"0\"><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/securityweek?a=cIPwKxH7lkY:jwLYEjl8G74:gIN9vFwOqvQ\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/securityweek?i=cIPwKxH7lkY:jwLYEjl8G74:gIN9vFwOqvQ\" border=\"0\"><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/securityweek?a=cIPwKxH7lkY:jwLYEjl8G74:TzevzKxY174\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/securityweek?d=TzevzKxY174\" border=\"0\"><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/securityweek?a=cIPwKxH7lkY:jwLYEjl8G74:F7zBnMyn0Lo\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/securityweek?i=cIPwKxH7lkY:jwLYEjl8G74:F7zBnMyn0Lo\" border=\"0\"><\/a>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>New malware samples and a new Tor-based leak website suggest that the REvil ransomware operation has been resumed. Secureworks, which tracks the group behind REvil as Gold Southfield, has conducted an analysis of malware samples apparently created in March and April, and determined that the developer likely has access to the original REvil source code. [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":12750,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[27,21,11,19,37],"tags":[],"class_list":["post-12749","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybercrime","category-malware","category-news-industry","category-virus-malware","category-virus-threats"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/posts\/12749","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/comments?post=12749"}],"version-history":[{"count":0,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/posts\/12749\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/media\/12750"}],"wp:attachment":[{"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/media?parent=12749"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/categories?post=12749"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/tags?post=12749"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}