Sodinokibi ransomware which made rounds this month after attacking several enterprises including Travelex and New York Airport System. Now, the ransomware has taken serious steps by publishing the stolen data of one of the victims as it failed to pay the ransom in time.
The authors behind Sodinokibi ransomware were threatening companies for the past one month to make the stolen files public if victims don’t pay the demanded ransom.
Representatives of Sodinokibi posted today that they are keeping their promise and are publishing the 337MB of stolen data of Artech Information System on a Russian malware forum.
Artech Information System claims itself to be one of the largest IT staffing companies in the US and “minority- and women-owned diversity supplier.”
Bad actors behind Sodinokibi malware have further threatened to publish more data if the ransom is not paid.
“This is a small part of what we have. If there are no movements, we will sell the remaining, more important and interesting commercial and personal data to third parties, including financial details.”
Sodinokibi ransomware, also known as REvil is an evolved version of GandCrab ransomware family that affected several companies in 2018 and 2019. It demanded $2,000 in Bitcoin or Dash for decrypting the files. We also included Sodinokibi ransomware in our list of top nastiest malware of 2019.
Sodinokibi ransomware has allegedly stolen 5GB of data from Travelex and has demanded $6 million as ransomware. The operators behind the ransomware say that they will sell the data if the ransom is not paid by January 14.
Now that they have already published the data of one of their victims, Travelex needs to be cautious.