SecureList
MAY 25, 2021
Several versions were released as part of each “rebranded” variant that altered different aspects of the code, renamed file extensions, cryptographic schemes and encryption keys. The files are encrypted using a custom modification of a Blowfish cipher with a 256-bit key. The encrypted data is written over the original.
SecureList
MAY 12, 2021
To ensure that their ability to restore encrypted files would never be questioned, they cultivated an online presence, wrote press releases and generally made sure their name would be known to all potential victims. The malware sample has an encrypted configuration block with many fields, which allow attackers to fine-tune the payload.
SecureList
APRIL 23, 2021
In addition, attackers appear to be more focused on exfiltrating data as well as encrypting it, i.e., siphoning off confidential information and threatening to make it public if the victims refuse to pay. These include crypto-ransomware (malware that encrypts your files), screen lockers, browser lockers, and boot lockers. Conclusion.
Expert insights. Personalized for you.
103 
Let's personalize your content