Journey of Open Source Ransomware converted into deadly wiper malware
Fortinet discovers a Cryptonite sample in the wild that never provides decryption capabilities. Cryptonite is an open-source ransomware toolkit developed initially by CYBERDEVILZ group with very few contributors later it forked 41 times on GitHub but after the Fortinet issue a Ransomware roundup series was all removed from GitHub.
Cryptonite is a lightweight ransomware that supports very limited barebone implementation of ransomware like BTC wallet address, email address, and server URL with exclusion list and Fortinet fount that it uses very simple encryption and decryption process.
"This sample demonstrates how a ransomware's weak architecture and programming can quickly turn it into a wiper that does not allow data recovery. Although we often complain about the increasing sophistication of ransomware samples, we can also see that oversimplicity and a lack of quality assurance can also lead to significant problems. On the positive side, however, this simplicity, combined with a lack of self-protection features, allows every anti-virus program to easily spot this malware." Fortinet said.
Subscribe to:
Post Comments (Atom)
Dark Deals Disrupted: Telegram Blocks Massive Black Market Networks
Telegram Shuts Down Two Massive Digital Black Markets Tied to Cybercrime In a significant blow to global cybercrime operations, Telegram ...
-
DigiCert's Revocation of 83,000 Certificates: A Critical Security Move DigiCert has begun the process of revoking over 83,000 SSL/TLS ...
-
Critical Ingress NGINX Controller Vulnerabilities Expose Kubernetes Clusters to Remote Code Execution A set of five critical security vuln...
-
SuperBlack Ransomware Exploits Fortinet Vulnerabilities: A New Cyber Threat Emerges A Russian-linked threat actor, identified as Mora_001,...
No comments:
Post a Comment