PureLocker Ransomware targeting Enterprise Servers
Researchers at Intezer Labs and IBM X-Force have discovered an unconventional form of ransomware, which is written in PureBasic and has been linked to a Malware-as-a-Service (MaaS) provider that has been used by Cobalt Gang, FIN6, and other threat groups.
“We have named this ransomware PureLocker because it’s written in the PureBasic programming language,” said Michael Kajiloti, a security researcher at Intezer.
Dubbed PureLocker, the malware comes with evasion methods and features that have allowed it to remain undetected for months. The use of PureBasic, a rather uncommon programming language, also makes porting between Windows, Linux, and macOS easy.
There are currently no figures on the number of PureLocker victims, but Intezer and IBM X-Force have confirmed that the ransomware campaign is active, with the ransomware being offered to attackers ‘as-a-service.’
The source code of PureLocker ransomware offers clues to its exclusive nature, as it contains strings from the ‘more eggs’ backdoor malware. This malware is sold on the dark web by what researchers describe as a ‘veteran’ provider of malicious services.
Reference:
https://www.intezer.com/blog-purelocker-ransomware-being-used-in-targeted-attacks-against-servers/
Techcess CyberSecurity Group
6110 Clarkson Lane
Houston, Texas 77055