Diavol – A New Ransomware Used By Wizard Spider

Security Alert
Published July 2, 2021

A new family of ransomware called Diavol has been discovered and could be linked to a criminal group known as Wizard Spider, according to PSIRT research and a report published in the Security Research Journal.

ADVERSARY:
MALWARE FAMILIES:
ContiDiavol
ATT&CK IDS:
T1059 – Command and Scripting InterpreterT1106 – Native APIT1070 – Indicator Removal on HostT1057 – Process DiscoveryT1040 – Network SniffingT1083 – File and Directory DiscoveryT1027 – Obfuscated Files or InformationT1071 – Application Layer ProtocolT1082 – System Information DiscoveryT1135 – Network Share DiscoveryT1485 – Data DestructionT1486 – Data Encrypted for ImpactT1489 – Service StopT1490 – Inhibit System RecoveryT1559 – Inter-Process CommunicationT1562 – Impair Defenses

Related Content

Emerging Ransomware Groups

Emerging Ransomware Groups

Emerging Ransomware Groups: AvosLocker, Hive, HelloKitty, LockBit 2.0 A look at some of the emerging ransomware groups...

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Ready to Simplify IT Management?

We will work with you to create a plan that meets your business needs, while helping you get more from your technology, with less work, and less worry about making it all run right.