Recently, a new ransomware called Macaw Locker launched by Evil Corp, has entered the ransomware space. It is believed that Evil Corp have released this new ransomware to evade US sanctions that prevent victims from making ransom payments.
This is not the first time that Evil Corp have released a new ransomware to evade the US sanctions that were placed on them in 2019. Evil Corp has also been affiliated with limited use ransomware operations like WastedLocker, Hades, Phenoix Locker, and PayloadBin. This week has been discovered that Macaw Locker is the ransomware responsible for the attacks that disrupted Olympus and the Sinclair Broadcast Group.
Although now that Macaw Locker has been affiliated with Evil Corp, there is a high chance that Evil Corp will attempt to rebrand their ransomware operations again in the hope of avoiding US sanctions.