Diavol – A New Ransomware Used By Wizard Spider

Security Alert
Published July 2, 2021

A new family of ransomware called Diavol has been discovered and could be linked to a criminal group known as Wizard Spider, according to PSIRT research and a report published in the Security Research Journal.

ADVERSARY:
MALWARE FAMILIES:
ContiDiavol
ATT&CK IDS:
T1059 – Command and Scripting InterpreterT1106 – Native APIT1070 – Indicator Removal on HostT1057 – Process DiscoveryT1040 – Network SniffingT1083 – File and Directory DiscoveryT1027 – Obfuscated Files or InformationT1071 – Application Layer ProtocolT1082 – System Information DiscoveryT1135 – Network Share DiscoveryT1485 – Data DestructionT1486 – Data Encrypted for ImpactT1489 – Service StopT1490 – Inhibit System RecoveryT1559 – Inter-Process CommunicationT1562 – Impair Defenses

Related Content

ChaChi: a New GoLang RAT

ChaChi: a New GoLang RAT

BlackBerry has identified a new type of malicious software written in the Go programming language as the operator of...

Klingon RAT

Klingon RAT

With more malware written in Golang than ever before, the threat from Go-based Remote Access Trojans (RATs) has never...

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Ready to Simplify IT Management?

We will work with you to create a plan that meets your business needs, while helping you get more from your technology, with less work, and less worry about making it all run right.