Eblogtip.com

Devious new malware poses as ransomware to wipe Russian court data

  • December 5, 2022


Public organizations in Russia, including mayoral offices and courts, are being targeted by a brand new and quite devious malware variant.

CryWiper poses as ransomware, trying to extort a little money out of the victims (0.5 bitcoin, or roughly $9,000 at press time), but its goal is not to get paid – it’s to destroy all the files found on the infected endpoint.

Cybersecurity researchers from Kaspersky are reporting “pinpoint” cyberattacks in Russia, in which infected files get a new extension – .cry (hence the name CryWiper). While local media said the attackers were targeting mayors’ offices and courts in the country, it’s not known exactly how many entities they managed to compromise.

Russians targeting Russians?

What we do know is that the malware shares common traits with two other malware strains – Trojan-Ransom.Win32.Xorist and Trojan-Ransom.MSIL.Agent. All of these have the same email address listed in the ransom note. Xorist was first seen in 2010, and is described as a Windows ransomware family targeting Russian-speaking and English-speaking users.

CryWiper was written in C++ which, according to Ars Technica, is an unusual choice and points to the possibility of the threat actors using a non-Windows device to write the code. 

The same publication also states that the malware is relatively similar to IsaacWiper, a wiper malware that was recently targeting Ukraine-based businesses. Apparently, both wipers use the same algorithm to generate the pseudo-random numbers that overwrite the data in the files, thereby corrupting them permanently.

The attackers are allegedly using the Mersenne Vortex PRNG algorithm, which is another uncommon trait.

Wipers are among the most dangerous malware variants out there, as their sole purpose is to “wipe” all of the data on the target endpoint, permanently. To defend against such attacks, users are advised to be careful when downloading email attachments and to make sure their software and hardware are always up to date. Having state-of-the-art cybersecurity solutions is also advised.

Via: Ars Technica

