CIO News Hubb
Advertisement
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
CIO News Hubb
No Result
View All Result
Home Information Security

New RansomExx Ransomware Variant Rewritten in the Rust Programming Language

admin by admin
November 24, 2022
in Information Security


The operators of the RansomExx ransomware have become the latest to develop a new variant fully rewritten in the Rust programming language, following other strains like BlackCat, Hive, and Luna.

The latest version, dubbed RansomExx2 by the threat actor known as Hive0091 (aka DefrayX), is primarily designed to run on the Linux operating system, although it’s expected that a Windows version will be released in the future.

RansomExx, also known as Defray777 and Ransom X, is a ransomware family that’s known to be active since 2018. It has since been linked to a number of attacks on government agencies, manufacturers, and other high-profile entities like Embraer and GIGABYTE.

“Malware written in Rust often benefits from lower [antivirus] detection rates (compared to those written in more common languages) and this may have been the primary reason to use the language,” IBM Security X-Force researcher Charlotte Hammond said in a report published this week.

RansomExx2 is functionally similar to its C++ predecessor and it takes a list of target directories to encrypt as command line inputs.

Once executed, the ransomware recursively goes through each of the specified directories, followed by enumerating and encrypting the files using the AES-256 algorithm.

A ransom note containing the demand is ultimately dropped in each of the encrypted directory upon completion of the step.

The development illustrates a new trend where a growing number of malicious actors are building malware and ransomware with lesser-known programming languages like Rust and Go, which not only offer increased cross-platform flexibility but can also evade detection.

“RansomExx is yet another major ransomware family to switch to Rust in 2022,” Hammond explained.

“While these latest changes by RansomExx may not represent a significant upgrade in functionality, the switch to Rust suggests a continued focus on the development and innovation of the ransomware by the group, and continued attempts to evade detection.”





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
Previous Post

2022 Canadian Centre for Cyber Security Assessment Summary report available with 12 additional services

Next Post

Initiateauthenticity

Related Posts

Information Security

Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data

by admin
March 24, 2023
Information Security

Automate the deployment of an NGINX web service using Amazon ECS with TLS offload in CloudHSM

by admin
March 24, 2023
Information Security

AV-Comparatives Anti-Phishing Test | Avast

by admin
March 24, 2023
Information Security

Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts

by admin
March 23, 2023
Information Security

New Instagram scam uses fake SHEIN gift cards as lure

by admin
March 23, 2023
Next Post

Initiateauthenticity

Recommended

Illuminatesilience

March 25, 2023

Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data

March 24, 2023

Automate the deployment of an NGINX web service using Amazon ECS with TLS offload in CloudHSM

March 24, 2023

AV-Comparatives Anti-Phishing Test | Avast

March 24, 2023

Innateniche

March 24, 2023

The Importance of Sustainable Technology

March 23, 2023

© 2022 CIO News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

Newsletter Sign Up

No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

© 2022 CIO News Hubb All rights reserved.