Enhancements Made to Ransomware

Three variations of ransomware have recent undergone some surprising changes…

 

Once a ransomware is exposed, it can be blocked by traditional security software; therefore, in order to remain lucrative ransomware hackers have to make changes to remain undetectable.  One surprising change that the ransomware 7ev3n made was actually decreasing their bitcoin demand from 13  to .5 or 1 bitcoin.  They call this latest version of 7ev3n, 7ev3n-Hone$t.  No only did the makers of 7ev3n-Hone$t demand a lower ransom, but also enhanced their systems to take alternative methods of payment as well as offering discounts for those who pay the ransom in full.

Another ransomware, Cryptoxxx, experienced changes as their original version released was rather easily decrypted.  They’ve made enhancements to the backend of their codes to decrease the ease of decryption.

Lastly, the ransomware Bucbi is making quite the comeback after making some serious changes to their codes.  Bucbi originated two years ago as a simple malware, but has since evolved into a tool to identify sensitive data, find a network and encrypt files.  Bucbi targets corporate networks using what is called a “brute force technique“.

So how does this affect you?  It’s a simple reminder.  Ransomware is not going away anytime soon.  It has been proven to be a lucrative business, and as technology evolves ransomware will continue to do the same.

Who remembered to backup their data today?

UPDATE: Kaspersky labs has found a decryption tool for Cryptoxxx 2.0.  Click here for more details.

 

109 total views, 3 views today

(Visited 8 times, 1 visits today)

3 thoughts on “Enhancements Made to Ransomware

    • Dave – We have both a proactive and reactive approach. Meaning it does both. There is a real-time protection component, as well as the scan that cleans up on a weekly basis (or however often you choose to scan your PC).

      And to answer your other question, no I do not know a Lance! 🙂 Have a wonderful day!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.