Tag: ransomware

Rival gang leaks decryption keys for Chimera ransomware

Aside from the efforts of security researchers and antivirus companies, malware victims can sometimes also benefit from the fighting between rival cybercriminal groups.

That happened this week when the creators of the Petya and Mischa ransomware programs leaked about 3,500 RSA private keys allegedly corresponding to systems infected with Chimera, another ransomware application.

In a post Tuesday on Pastebin, Mischa’s developers claimed that earlier this year they got access to big parts of the development system used by Chimera’s creators.

As a result of that hack, they obtained the source code for Chimera and integrated some of it into their own ransomware project, according to the Pastebin message.

To read this article in full or to leave a comment, please click here


Uncategorized

Server software poses soft target for ransomware

An alternate method for infecting computers with ransomware signals a shift in tactics by cybercriminals that could put businesses at greater risk, according to Symantec.

A type of ransomware called Samsam has been infecting organizations but is not installed in the usual way.

“Samsam is another variant in a growing number of variants of ransomware, but what sets it apart from other ransomware is how it reaches its intended targets by way of unpatched server-side software,” Symantec wrote.

The perpetrators behind Samsam use a legitimate penetration tool called Jexboss to exploit servers running Red Hat’s JBoss enterprise application server.

To read this article in full or to leave a comment, please click here


Uncategorized