Ransomware variant from Vietnam being distributed to millions of devices


A new ransomware variant is being spread to millions of people through phishing emails from Vietnam and other countries, according to Barracuda, a security research firm.

Even though Barracuda has blocked 27 million phishing emails so far, the speed at which hackers are spreading the ransomware variant hasn't slowed.

The new ransomware variant is designed to take control of systems and demand a ransom from affected users but, as Barracuda researchers have observed, the hackers behind the ransomware have no intention of keeping their word after receiving money from their victims.

This is because the ransomware variant comes with a single identifier which is being sent to all victims. This means that even after a victim pays a ransom, there is no way the hackers can identify the victim's system to send back decryption keys.

What makes the ransomware very dangerous is that, like WannaCry, it is being sent to millions of users across the globe in the form of emails. In these emails, the sender is listed either as 'Herbalife' or as a copier file delivery, e.g. 'copier@renauer.com'. Newer emails being sent by hackers bear the subject line “Emailing – <attachment name>”.

Researchers have observed that while the bulk of such emails are being sent from Vietnam, many of them are also being sent from countries like India, Colombia, Turkey and Greece. At the same time, the hackers behind the ransomware are constantly changing the names of payload files and the domains used for downloading secondary payloads to avoid being filtered by anti-virus engines.

As per available data, the new ransomware's capabilities include encrypting files, downloading executables from a remote location, using the cryptography API, modifying Windows initialisation files, deleting samples after execution and retrieving the system default language identifier.

Copyright Lyonsdown Limited 2020
