Three variations of ransomware have recent undergone some surprising changes…
Once a ransomware is exposed, it can be blocked by traditional security software; therefore, in order to remain lucrative ransomware hackers have to make changes to remain undetectable. One surprising change that the ransomware 7ev3n made was actually decreasing their bitcoin demand from 13 to .5 or 1 bitcoin. They call this latest version of 7ev3n, 7ev3n-Hone$t. No only did the makers of 7ev3n-Hone$t demand a lower ransom, but also enhanced their systems to take alternative methods of payment as well as offering discounts for those who pay the ransom in full.
Another ransomware, Cryptoxxx, experienced changes as their original version released was rather easily decrypted. They’ve made enhancements to the backend of their codes to decrease the ease of decryption.
Lastly, the ransomware Bucbi is making quite the comeback after making some serious changes to their codes. Bucbi originated two years ago as a simple malware, but has since evolved into a tool to identify sensitive data, find a network and encrypt files. Bucbi targets corporate networks using what is called a “brute force technique“.
So how does this affect you? It’s a simple reminder. Ransomware is not going away anytime soon. It has been proven to be a lucrative business, and as technology evolves ransomware will continue to do the same.
Who remembered to backup their data today?
UPDATE: Kaspersky labs has found a decryption tool for Cryptoxxx 2.0. Click here for more details.