Lv Ransomware

Malware Profile Updated 24 days ago
LV Ransomware is a type of malicious software designed to exploit and damage computer systems, often infiltrating them through suspicious downloads, emails, or websites. This ransomware variant, also known as ".0nzo8yk Virus," was first identified in the wild in June 2020 and is a modified version of the REvil/Sodinokibi v2.03 ransomware. The primary technical update implemented by the LV Ransomware Gang was the removal of the command-and-control (C2) servers used by the REvil operators to track infections and their replacement with the gang's own servers.

In 2022, there was an increase in cyberattacks on semiconductor companies, with eight reported incidents involving ransomware gangs such as LockBit, LV Ransomware, and Cuba Ransomware, or extortion groups like RansomHouse and Lapsus$ Group. These attacks have notably impacted semiconductor manufacturing, even though this sub-sector was not listed as one of the most affected in 2021.

Among the victims were SilTerra Malaysia Sdn. Bhd., a Malaysian semiconductor manufacturer, and Semikron, both of which were listed on the LV Blog ransomware extortion website operated by LV Ransomware. The LV Ransomware Gang has claimed responsibility for stealing significant amounts of data from these companies, as announced on its extortion blog: 1 TB of data from SilTerra Malaysia and 2 TB from Semikron. Although the specific attack vectors leading to these ransomware attacks remain unidentified, the impact and potential threat posed by LV Ransomware continue to be significant concerns within the cybersecurity community.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Associated Malware
ID | Type | Votes | Profile Description
REvil | Unspecified | 2 | REvil, also known as Sodinokibi, is a notorious malware that gained prominence due to its harmful impact on computer systems and data. It operates under the Ransomware as a Service (RaaS) model, which saw a significant rise in popularity throughout 2020. The malware typically infects systems via sus
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Lv Ransomware Malware was read from the documents corpus below.
Source | CreatedAt | Title
Recorded Future | a year ago | Semiconductor Companies Targeted by Ransomware | Recorded Future
Recorded Future | a year ago | Semiconductor Companies Targeted by Ransomware | Recorded Future
Secureworks | a year ago | LV Ransomware