Sodinokibi Ransomware Updates Itself to Avoid Detection

There are many threats that we can face when surfing the web, and many types of malware that can affect our systems in one way or another. This affects all types of devices, so we must take precautions. One of the most dangerous threats, and one that has become more common in recent times, is ransomware. In this article we report on how Sodinokibi has adopted a new technique to avoid detection.

Sodinokibi looks for a way to hide better

As we know, Sodinokibi is one of the most dangerous and common ransomware varieties. Over time it has been refining its attack and concealment techniques, which, logically, puts the security and privacy of users at risk.

Now it seems that the way it works has been updated again so that it can hide even better on the network. Specifically, the way its operators receive payments has changed so that they are not tracked.

Ransomware is a threat that seeks to encrypt victims' files and systems. In exchange for being able to open these documents again, the attackers demand a ransom. Basically, the information is held hostage until we pay. A fairly frequent payment method in these cases is Bitcoin, a digital currency that in theory may be anonymous online but in practice can leave a trace.

To make that trail harder to follow, Sodinokibi has now decided to offer payment through Monero. According to Europol data, the use of Monero together with Tor as a browser makes it impossible to track the payment, so investigators cannot really find out who has received the money.

Therefore, what those responsible for Sodinokibi have done is change the payment method, which was normally Bitcoin or Ethereum, another of the most popular digital currencies, to Monero. In this way they manage to hide better and avoid being tracked.

The goal is to gradually put Bitcoin aside. In fact, the payment process through Tor already uses Monero by default. In this way the hackers manage to avoid being tracked, which is one more added problem.

How to avoid these kinds of problems

For all these reasons, it is essential to avoid becoming a victim of this type of problem. First, we must keep the system correctly updated. Sometimes vulnerabilities arise that hackers can exploit to carry out their attacks, so it is vital to have the available patches and updates installed.

It is also a good idea to have security tools. A good antivirus can prevent the entry of threats that compromise our security. This is something that we must apply regardless of the type of device or operating system that we are using.

Last, but perhaps most important, is common sense. Many varieties of ransomware require user interaction: they need us to make a mistake in order to run.