Security News > 2020 > November > Sodinokibi/REvil ransomware gang pwns British housing biz via suspected phishing attack

A social housing provider in Norwich, England, has said it was hit with the Sodinokibi ransomware following what it assumes was a successful phishing attack.
"Whilst the investigation is still going on we can confirm that the incident was caused by ransomware, known as Sodinokibi, via a suspected phishing attack," said Flagship in a statement on its partially pwned website.
Threat analyst Brett Callow of ransomware recovery firm Emsisoft told The Register that not paying the Sodinokibi/REvil gang's ransom demands is the best bet.
"Agreeing with Callow, Jake Moore, a cybersecurity specialist from Slovakian infosec firm ESET, told The Register:"Regardless of how quickly a company responds to a ransomware attack, data will be encrypted and effectively lost.
Under their Sodinokibi moniker, the gang also took down foreign exchange firm Travelex, contributing to the financial firm collapsing into administration this summer.
News URL
Related news
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset (source)
- Chinese espionage tools deployed in RA World ransomware attack (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Lee Enterprises newspaper disruptions caused by ransomware attack (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- Southern Water says Black Basta ransomware attack cost £4.5M in expenses (source)
- Qilin ransomware claims attack at Lee Enterprises, leaks stolen data (source)