Sodinokibi: The threat group that is behind the Sodinokibi ransomware left a message on their website announcing that they will begin to accept Monero cryptocurrency for victims to pay their extortion demands and begin to move away from Bitcoin. As of right now, they will still accept Bitcoin for payment, but there will be a 10% increase in price for paying in Bitcoin instead of Monero. By switching to Monero, transactions are more anonymous because of the CryptoNote application layer protocol and the obfuscation implemented into the protocol. The group also announced on their website that any incident response company that wants to “partner” with them would see a significant discount on the cost of a decryptor for their client if they use the chat feature on the website to introduce the company.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in