Evil Corp has launched a new ransomware called Macaw Locker to evade US sanctions that prevent victims from making ransom payments.
The Evil Corp hacking group, also known Indrik Spider and the Dridex gang, has been involved in cybercrime activities since 2007, but mostly as affiliates to other organizations.
Over time, the group began focusing on their own attacks by creating and distributing a banking trojan known as Dridex in phishing attacks.
Moving to ransomware
As ransomware attacks became increasingly more profitable, Evil Corp launched an operation called BitPaymer, delivered via the Dridex malware to compromised corporate networks.