Summary:
Researchers have discovered a new strain of Cryptonite open-source ransomware in wild which lock files with no option to decrypt them back. The ransomware is distributed as software updates or cracked versions. The ransomware has a limited set of functionalities as it lacks the features such as Windows Shadow Copy removal, Defensive evasion, and Anti-analysis. As the ransomware was coded improperly it leads to crashing of the program which further leads it to re-encrypt everything with a different key before offering the decryption to the victim which makes files irrecoverable.[/subscribe_to_unlock_form]
Summary:
Researchers have discovered a new strain of Cryptonite open-source ransomware in wild which lock files with no option to decrypt them back. The ransomware is distributed as software updates or cracked versions. The ransomware has a limited set of functionalities as it lacks the features such as Windows Shadow Copy removal, Defensive evasion, and Anti-analysis. As the ransomware was coded improperly it leads to crashing of the program which further leads it to re-encrypt everything with a different key before offering the decryption to the victim which makes files irrecoverable.[emaillocker id="1283"]
Threat Profile:
References:
The following reports contain further technical details:
https://thehackernews.com/2022/12/open-source-ransomware-toolkit.html
(Kindly exclude this link in the advisory mail)
[/emaillocker]