SecureList

MAY 25, 2021

Several versions were released as part of each “rebranded” variant that altered different aspects of the code, renamed file extensions, cryptographic schemes and encryption keys. The files are encrypted using a custom modification of a Blowfish cipher with a 256-bit key. The encrypted data is written over the original.

Ransomware 108

Ransomware Encryption Malware Energy and Utilities 108

SecureList

MAY 12, 2021

To ensure that their ability to restore encrypted files would never be questioned, they cultivated an online presence, wrote press releases and generally made sure their name would be known to all potential victims. The malware sample has an encrypted configuration block with many fields, which allow attackers to fine-tune the payload.

Ransomware 132

Ransomware Encryption Malware Cybercrime 132

SecureList

APRIL 23, 2021

In addition, attackers appear to be more focused on exfiltrating data as well as encrypting it, i.e., siphoning off confidential information and threatening to make it public if the victims refuse to pay. These include crypto-ransomware (malware that encrypts your files), screen lockers, browser lockers, and boot lockers. Conclusion.

Ransomware 115

Ransomware Mobile Malware Encryption 115