Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

The Week in Ransomware – July 16th 2021 – REvil Disappears

The Week in Ransomware – July 16th 2021 – REvil Disappears

Ransomware operations have been quieter this week as the White House engages in talks with the Russian government about cracking down on cybercriminals believed to be operating in Russia.

This increased scrutiny by law enforcement and the growing fear that Russia is no longer a safe haven for cybercriminals has led to what is believed to be the shutdown of the notorious REvil ransomware operation.

Earlier this week, all of the infrastructures for the REvil ransomware operation shut down with no word from the public-facing representative ‘Unknown’ or the group’s affiliates.

This shutdown is not believed to be caused by law enforcement, and it is likely we will see this group rebrand as a new operation in the future.

This week’s other news includes finding a Linux version of the HelloKitty ransomware used to target VMware ESXi servers and its virtual machines.

Finally, the US government launched the StopRansomware site that includes information on protecting, mitigating, and recovering from ransomware attacks.

The US government announced a new initiative under the Rewards for Justice programs that will reward up to $10 million for information about state-sponsored hackers targeting critical infrastructure and US interests.

Contributors and those who provided new ransomware information and stories this week include: @malwrhunterteam@fwosar@PolarToffee@VK_Intel@FourOctets@serghei@demonslay335@LawrenceAbrams@Ionut_Ilascu@BleepinComputer@Seifreed@DanielGallagher@malwareforme@struppigel@jorntvdw@uuallan@pcrisk@Artilllerie@Unit42_Intel@AuCyble, and @fbgwls245.

July 10th 2021

Biden asks Putin to crack down on Russian-based ransomware gangs

President Biden asked Russian President Putin during a phone call today to disrupt ransomware groups operating within Russia’s borders behind the ongoing wave of attacks impacting the United States and other countries worldwide.

New Phobos ransomware variant

dnwls0719 found a new Phobos Ransomware variant that appends the .LOWPRICE extension to encrypted files.

Also Read: When to Appoint a Data Protection Officer

Phobos ransom note

New STOP Djvu ransomware variant

PCrisk found a new STOP ransomware variant that appends the .wwka extension.

July 11th 2021

Kaseya patches VSA vulnerabilities used in REvil ransomware attack

Kaseya has released a security update for the VSA zero-day vulnerabilities used by the REvil ransomware gang to attack MSPs and their customers.

July 12th 2021

Fashion retailer Guess discloses data breach after ransomware attack

American fashion brand and retailer Guess is notifying affected customers of a data breach following a February ransomware attack that led to data theft.

Interpol urges police to unite against ‘potential ransomware pandemic’

Interpol (International Criminal Police Organisation) Secretary General Jürgen Stock urged police agencies and industry partners to work together to prevent what looks like a future ransomware pandemic.

July 13th 2021

REvil ransomware gang’s web sites mysteriously shut down

The infrastructure and websites for the REvil ransomware operation have mysteriously gone offline as of last night.

New STOP Djvu ransomware variant

PCrisk found a new STOP ransomware variant that appends the .gujd extension.

July 14th 2021

SonicWall warns of ‘critical’ ransomware risk to EOL SMA 100 VPN appliances

SonicWall has issued an “urgent security notice” warning customers of ransomware attacks targeting unpatched end-of-life (EoL) Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products.

New Dharma ransomware variant

PCrisk found a new Dharma ransomware variant that appends the .PcS extension.

July 15th 2021

Linux version of HelloKitty ransomware targets VMware ESXi servers

?The ransomware gang behind the highly publicized attack on CD Projekt Red uses a Linux variant that targets VMware’s ESXi virtual machine platform for maximum damage.

New Dharma ransomware variant

PCrisk found new Dharma ransomware variants that appends the .OFF and .pause extensions.

Mespinoza Ransomware Gang Calls Victims “Partners,” Attacks with Gasket, “MagicSocks” Tools

As cyber extortion flourishes, ransomware gangs are constantly changing tactics and business models to increase the chances that victims will pay increasingly large ransoms. As these criminal organizations become more sophisticated, they are increasingly taking on the appearance of professional enterprises. One good example is Mespinoza ransomware, which is run by a prolific group with a penchant for using whimsical terms to name its hacking tools.

AvosLocker Under The Lens: A New Sophisticated Ransomware Group

During our routine Open-source Intelligence (OSINT) research, we came across a new ransomware group named AvosLocker. It is a malicious program that infects Windows machines to encrypt document files of the victim and asks for ransom as part of its extortion program. AvosLocker appends the encrypted files with the extension .avos and forces victims to pay ransom for the decryption tool for recovering their data. The AvosLocker ransomware group uses spam email campaigns or distrustful advertisements as the primary delivery mechanisms for the malware. It uses a customized Advanced Encryption Standard (AES) with block size 256 to encrypt the data.

New AvosLocker ransomware launches a data leak site

Artilllerie noted that the AvosLocker ransomware launched a data leak site.

AvosLocker data leak site

Also Read: 4 Things to Know When Installing CCTVs Legally

July 16th 2021

US govt offers $10 million reward for tips on nation-state hackers

The United States government has taken two more active measures to fight and defend against malicious cyber activities affecting the country’s business and critical infrastructure sectors.

Kaseya victim struggling with decryption after REvil goes dark

Many victims of the Kaseya ransomware attack are still in the process of recovering but one victim is facing a particularly difficult issue.

That’s it for this week! Hope everyone has a nice weekend!



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us