Sodinokibi Ransomware: Following the Affiliate Money Trail


Level 18
Thread author
Top Poster
May 4, 2019
After a Sodinokibi ransomware affiliate posted partial transaction IDs for ransomware payments, researchers were able to use that information to follow the money trail for affiliates and in some cases, how they spend their illicit earnings.
Earlier this month, McAfee provided a look at the GandCrab Ransomware-as-an-Affiliate operation and how the Sodinokibi Ransomware recruited the top performers to build an all-star team of affiliates after GandCrab was shut down.
As part of this reporting, it was shown how an affiliate named Lalartu was vouching for the Sodinokibi Ransomware RaaS on an underground malware and hacker forum.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.