Ransomware Ups its Game
Tuesday, June 7, 2016 @ 05:06 PM gHale
CryptXXX ransomware has a new variant that can encrypt network shares and steal account logins.
The changes make CryptXXX a very dangerous piece of ransomware.
The ransomware uses StillerX to steal account credentials from quite a list of platforms.
Browser data, including history, cookies, and stored credentials, is collected along with email, instant messaging, and remote administration software logins.
“CryptXXX has become quite widespread, especially with a number of TeslaCrypt actors shifting operations to CryptXXX recently,” said researchers at Proofpoint in a blog post. “… This new version of CryptXXX was capable of finding shared resources on the network, enumerating files in every shared directory, and encrypting them one by one. The actors behind CryptXXX have continued to rapidly refine the ransomware with updates to encryption, scanning for network shares, cosmetic updates, and updates to lock screen behavior.”