New Evil Corp ransomware mimics PayloadBin gang to evade US sanctions

If you like following brand wars and ‘passing off’ in ‘normal’ business, you’ll love reading about Evil Corp and their attempt to ‘pass off’ their ransomware as Babuk…:

[…] After finding the sample, BleepingComputer thought Babuk was lying about their intentions to move away from ransomware and rebranded to a new name.

However, after analyzing the new ransomware, both Fabian Wosar of Emsisoft and Michael Gillespie of ID Ransomware confirmed that the ransomware is a rebranding of Evil Corp’s previous ransomware operations.


Original Article