Journey of Open Source Ransomware converted into deadly wiper malware
Fortinet discovers a Cryptonite sample in the wild that never provides decryption capabilities. Cryptonite is an open-source ransomware toolkit developed initially by CYBERDEVILZ group with very few contributors later it forked 41 times on GitHub but after the Fortinet issue a Ransomware roundup series was all removed from GitHub.
Cryptonite is a lightweight ransomware that supports very limited barebone implementation of ransomware like BTC wallet address, email address, and server URL with exclusion list and Fortinet fount that it uses very simple encryption and decryption process.
"This sample demonstrates how a ransomware's weak architecture and programming can quickly turn it into a wiper that does not allow data recovery. Although we often complain about the increasing sophistication of ransomware samples, we can also see that oversimplicity and a lack of quality assurance can also lead to significant problems. On the positive side, however, this simplicity, combined with a lack of self-protection features, allows every anti-virus program to easily spot this malware." Fortinet said.
Subscribe to:
Post Comments (Atom)
The Hidden Payload: PUP Ads Used for Silent Malware Drops
Hackers Exploit PUP Advertisements to Silently Drop Windows Malware Cybersecurity investigators have uncovered a stealthy campaign in whi...
-
Critical Ingress NGINX Controller Vulnerabilities Expose Kubernetes Clusters to Remote Code Execution A set of five critical security vuln...
-
Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp A suspected Russian hacking group known as Wate...
-
https://www.securityweek.com VMware Urges Immediate Updates for Critical Cloud and Virtualization Vulnerabilities Broadcom-owned VMware is...
No comments:
Post a Comment