ransomware infrastructure

SophosLabs’ investigation into the WantToCry ransomware cases pulled back a curtain on a far more subtle problem than a single gang reusing servers: legitimate virtualization tooling and prebuilt VM images are creating identical, internet-facing fingerprints that cybercriminals and state-aligned...