Ransomware Ups its Game
Tuesday, June 7, 2016 @ 05:06 PM gHale
A new variant of the CryptXXX ransomware can encrypt network shares and steal account logins.
The changes make CryptXXX a very dangerous piece of ransomware.
The ransomware uses StillerX to steal account credentials from a long list of platforms.
Browser data, including history, cookies, and stored credentials, is collected along with email, instant messaging, and remote administration software logins.
“CryptXXX has become quite widespread, especially with a number of TeslaCrypt actors shifting operations to CryptXXX recently,” said researchers at Proofpoint in a blog post. “… This new version of CryptXXX was capable of finding shared resources on the network, enumerating files in every shared directory, and encrypting them one by one. The actors behind CryptXXX have continued to rapidly refine the ransomware with updates to encryption, scanning for network shares, cosmetic updates, and updates to lock screen behavior.”