Massive Meris Botnet Embeds Ransomware Notes from REvil

2022-03-04 22:46

Hey webop geeks, you are already dead, a note claiming to be left by the REvil ransomware gang declared, embedded into the attack itself as a string of text in the URL for the extortion demand.

In a post that detailed mitigation of a recent attack that hit up to 2.5 Mrps on a single website, Imperva's Nelli Klepfish shared several chest-thumping ransom notes - a screen capture of one is included below - that its targeted customer received before the attack started.

In October 2021, a British voice-over-IP firm - Voice Unlimited - was still recuperating a month after a series of apparent sustained DDoS attacks that were attributed to REvil.

Evidence points to the DDoS attacks coming from the massive Meris botnet.

The Meris botnet was behind the record-breaking DDoS attack that targeted Russia's version of Google - Yandex - in September 2021.

Now is the time to prepare for an attack, Imperva warned, particularly given the threat actors' promise - be they REvil or REvil wannabes - to keep hammering away.

News URL

https://threatpost.com/massive-meris-botnet-embeds-ransomware-notes-revil/178769/

#botnet #ransomware #revil

News URL

Related news