A new malware has been discovered, posing as PayloadBIN, which is actually a rebranded ransomware used by the Evil Corp group. It is used by the group to bypass sanctions imposed by the Department of Treasury’s Office of Foreign Assets Control (OFAC) based in the U.S.
In March, an unknown threat group was using the Hades ransomware variant in cybercrime operations that had targeted at least three victims since December 2020.
Even after the recent rebranding efforts made by Evil Corp, the ransomware is now linked back to it. This implies that most of the ransomware negotiation firms are likely to avoid any sort of help in facilitating payments for victims targeted by the PayloadBIN ransomware. Moreover, such threat groups can not be taken lightly, and therefore, organizations should always avoid paying any ransom to them.