Remove Consumer Services Remove Encryption Remove Security Awareness
article thumbnail

Evolution of JSWorm ransomware

SecureList

Several versions were released as part of each “rebranded” variant that altered different aspects of the code, renamed file extensions, cryptographic schemes and encryption keys. The files are encrypted using a custom modification of a Blowfish cipher with a 256-bit key. The encrypted data is written over the original.

article thumbnail

Ransomware world in 2021: who, how and why

SecureList

To ensure that their ability to restore encrypted files would never be questioned, they cultivated an online presence, wrote press releases and generally made sure their name would be known to all potential victims. The malware sample has an encrypted configuration block with many fields, which allow attackers to fine-tune the payload.

article thumbnail

Ransomware by the numbers: Reassessing the threat’s global impact

SecureList

In addition, attackers appear to be more focused on exfiltrating data as well as encrypting it, i.e., siphoning off confidential information and threatening to make it public if the victims refuse to pay. These include crypto-ransomware (malware that encrypts your files), screen lockers, browser lockers, and boot lockers. Conclusion.