Evil Corp, one of the biggest malware operations on the planet, has returned to life with a new ransomware strain after the December 2019 DOJ charges.
Evil Corp, one of the biggest malware operations on the internet, has slowly returned to life after several of its members were charged by the US Department of Justice in December 2019.
EVIL CORP SHORT HISTORY
The Evil Corp group, also known as the Dridex gang, has been active since 2007 when several members previously involved with the ZeuS banking trojan decided to try their own luck at distributing malware.
Their initial efforts were focused on distributing the Cridex banking trojan, a malware strain that later evolved into the Dridex banking trojan, and subsequently into the Dridex multi-purpose malware toolkit.
Over the years, Evil Corp, through its Dridex operation, became one of the largest malware and spam botnets on the internet. The group distributed its own malware, but also malware for other criminal groups, along with custom spam messaging.
The group dipped their toes into ransomware distribution by spreading the Locky ransomware to home consumers throughout 2016.
As the ransomware market began shifting from home consumers to enterprise targets, the Evil Corp gang adapted as well: after dropping the Locky strain for good, they created a new custom ransomware named BitPaymer.