The WastedLocker Ransomware
Evil Corp, one of the larger and better-known cybercrime organizations, has resurfaced and launched a new malware campaign targeting businesses and enterprises. Specifically, the group has released a new ransomware variant that has been dubbed WastedLocker.
Evil Corp was originally part of the notorious ZeuS botnet before breaking away and continuing as a separate entity. The group first made headlines in 2017 with the release of a different ransomware called BitPaymer, which was successful for about 2 years, up until the end of 2019.
Although researchers have found the new WastedLocker to be quite different from its predecessor, they have noted some similarities in the text of the ransom note.
WastedLocker gets its name from the file extension “wasted” that is added to the encrypted files, along with the name or abbreviation of the victim company.
Another distinguishing trait of this ransomware strain is that it appears to be specifically aimed at US businesses and organizations. The ransom amounts are sky-high, with reported demands of more than $10 million.
For the moment, at least, there is no official confirmation of anyone having actually paid the hackers. But experts at Fox-IT have already commented that the behavior of Evil Corp and its deployment of the ransomware is highly aggressive. What is also known at this point is that the hackers target virtual machines and cloud environments, as well as file servers and database services.
What’s more, the hackers are also said to interfere with the work of backup applications in order to prevent or delay companies from restoring their data.
Another thing that is known so far about the ransomware payload is that it does not steal information. This sets it apart from most of the major ransomware families currently operating, whose creators threaten to leak the stolen data on file-sharing portals. It may be because some of the members of Evil Corp are already known to the FBI, and refraining from data theft may allow them to at least avoid becoming a priority to the authorities.