• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Hive Ransomware Upgraded to Rust to Deliver More Sophisticated Encryption

You are here: Home / General Cyber Security News / Hive Ransomware Upgraded to Rust to Deliver More Sophisticated Encryption
July 6, 2022

Researchers from Microsoft Security have spotted an upgraded variation of the ransomware-as-a-company (RaaS) dubbed Hive.

The security gurus outlined their results in an advisory on Tuesday.

“With its hottest variant carrying quite a few major updates, Hive also proves it is a single of the speediest evolving ransomware households, exemplifying the consistently switching ransomware ecosystem,” reads the publish.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


According to Microsoft, the updates in the most current variant symbolize an overhaul of the whole ransomware infrastructure.

“The most notable improvements involve a entire code migration to another programming language [from GoLang to Rust] and the use of a additional sophisticated encryption technique,” the advisory clarifies.

Microsoft also observed that Hive is not the 1st ransomware created in Rust, and follows in the footsteps of BlackCat.

“By switching the fundamental code to Rust, Hive rewards from [various] rewards that Rust has about other programming languages.”

These consist of memory, data form and thread basic safety, deep management in excess of minimal-degree methods, the potential to render the malware resistant to reverse engineering and a excellent range of cryptographic libraries, amongst other matters.

“The new Hive variant makes use of string encryption that can make it extra evasive,” reads Microsoft’s advisory.”

“The constants that are employed to decrypt the similar string in some cases vary across samples, earning them an unreliable basis for detection.”

The effects of these updates would also be far-achieving since Hive’s RaaS payload has been spotted by Microsoft in companies in the health care and application industries and linked with massive ransomware affiliates like DEV-0237.

The tech giant’s security crew also said that lots of of the variants and samples it analyzed have low detection costs, and none are correctly discovered as Hive (inspite of the malware currently being first noticed final 12 months) by some antivirus software packages.

Microsoft Defender Antivirus gives detection for this threat, nonetheless, with create variation 1.367.405. or afterwards.

The information arrives days just after Microsoft’s Security Intelligence group issued a new warning from a acknowledged cloud menace actor (TA) group identified as 8220.


Some sections of this short article are sourced from:
www.infosecurity-magazine.com

Previous Post: «is this the end of the road for ransomware? Microsoft identifies sophisticated Hive ransomware variant written in Rust
Next Post: APT Hacker Group Bitter Continues to Attack Military Targets in Bangladesh Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
  • Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
  • CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk
  • Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
  • WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network
  • New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes
  • AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar
  • Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
  • Non-Human Identities: How to Address the Expanding Security Risk
  • ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

Copyright © TheCyberSecurity.News, All Rights Reserved.