Lawrence Abrams reports:
The new PayloadBIN ransomware has been attributed to the Evil Corp cybercrime gang, rebranding to evade sanctions imposed by the US Treasury Department’s Office of Foreign Assets Control (OFAC).
The Evil Corp gang, also known as Indrik Spider and the Dridex gang, started as an affiliate for the ZeuS botnet. Over time, they formed a group that focused on distributing the banking trojan and downloader called Dridex via phishing emails.
Read more on BleepingComputer.