
SentinelOne vs Sodinokibi (REvil) – Linked to the Kaseya Supply Chain Attack (ransomware)

An ongoing supply chain attack abuses Kaseya software to distribute REvil (Sodinokibi) ransomware, demanding $44,999 per infected endpoint. The malicious update drops two files: a legitimate Windows Defender application and the ransomware DLL, which it sideloads by abusing that application. The DLL is signed with a stolen digital certificate.