Lv Ransomware

Malware updated 7 months ago (2024-05-05T00:18:12.255Z)
LV Ransomware is a type of malicious software designed to exploit and damage computer systems, often infiltrating them through suspicious downloads, emails, or websites. This ransomware variant, also known as ".0nzo8yk Virus," was first identified in the wild in June 2020 and is a modified version of the REvil/Sodinokibi v2.03 ransomware. The primary technical update implemented by the LV Ransomware Gang was the removal of the command-and-control (C2) servers used by the REvil operators to track infections, replacing them with their own servers.

In 2022, cyberattacks on semiconductor companies increased, with eight reported incidents involving ransomware gangs such as LockBit, LV Ransomware, and Cuba Ransomware, or extortion groups like RansomHouse and Lapsus$ Group. These attacks have notably impacted semiconductor manufacturing, even though this sub-sector was not listed as one of the most affected in 2021.

Among the victims were SilTerra Malaysia Sdn. Bhd., a Malaysian semiconductor manufacturer, and Semikron, both of which were listed on the LV Blog ransomware extortion website operated by LV Ransomware. The LV Ransomware Gang has claimed responsibility for stealing significant amounts of data from these companies, as announced on their extortion blog. Specifically, they claim to have stolen 1 TB of data from SilTerra Malaysia and 2 TB from Semikron. Although the specific attack vectors leading to these ransomware attacks remain unidentified, the impact and potential threat posed by LV Ransomware continue to be significant concerns within the cybersecurity community.
Description last updated: 2024-05-04T23:32:57.007Z
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Associated Malware
Description: The REvil Malware is associated with Lv Ransomware. REvil, also known as Sodinokibi, is a malicious software (malware) that operates on a Ransomware as a Service (RaaS) model. This model became increasingly popular in 2020, with first-stage malware like Dridex and Gootkit being linked to ransomware attacks such as BitPaymer and REvil respectively. Th
Association Type: Unspecified
Votes: 2
Source Document References
Information about the Lv Ransomware Malware was read from the documents corpus below. This display is limited to 20 results.
Source: Recorded Future. Created: 2 years ago
Source: Recorded Future. Created: 2 years ago
Source: Secureworks. Created: 2 years ago