A recently-disclosed critical vulnerability in the widely used Oracle WebLogic Server has been spotted actively being exploited to distribute a never-before-seen ransomware variant. The Sodinokibi ransomware encrypts the victim’s systems and displays a ransom note demanding up to $2,500 in Bitcoin. The amount doubles to $5,000 if the ransom is not paid within a specified number of days which may vary from two days to six days. Researchers also noted that roughly eight hours after deploying SodInokibi on an infected system, the attackers exploited the same vulnerability to install another piece of ransomware known as GandCrab.
Source: https://thehackernews.com/2019/05/ransomware-oracle-weblogic.html