Journey of Open Source Ransomware converted into deadly wiper malware
Fortinet discovered a Cryptonite sample in the wild that never provides decryption capabilities. Cryptonite is an open-source ransomware toolkit initially developed by the CYBERDEVILZ group with very few contributors. It was later forked 41 times on GitHub, but after Fortinet covered it in its Ransomware Roundup series, the source code and its forks were all removed from GitHub.
Cryptonite is a lightweight ransomware that supports only a very limited, barebones set of ransomware features, such as a BTC wallet address, email address, and server URL, along with an exclusion list. Fortinet found that it uses a very simple encryption and decryption process.
"This sample demonstrates how a ransomware's weak architecture and programming can quickly turn it into a wiper that does not allow data recovery. Although we often complain about the increasing sophistication of ransomware samples, we can also see that oversimplicity and a lack of quality assurance can also lead to significant problems. On the positive side, however, this simplicity, combined with a lack of self-protection features, allows every anti-virus program to easily spot this malware," Fortinet said.