Diavol – A New Ransomware Used By Wizard Spider

Security Alert
Published July 2, 2021

A new family of ransomware called Diavol has been discovered and could be linked to a criminal group known as Wizard Spider, according to PSIRT research and a report published in the Security Research Journal.

ADVERSARY:
MALWARE FAMILIES:
Conti
Diavol
ATT&CK IDS:
T1059 – Command and Scripting Interpreter
T1106 – Native API
T1070 – Indicator Removal on Host
T1057 – Process Discovery
T1040 – Network Sniffing
T1083 – File and Directory Discovery
T1027 – Obfuscated Files or Information
T1071 – Application Layer Protocol
T1082 – System Information Discovery
T1135 – Network Share Discovery
T1485 – Data Destruction
T1486 – Data Encrypted for Impact
T1489 – Service Stop
T1490 – Inhibit System Recovery
T1559 – Inter-Process Communication
T1562 – Impair Defenses
