
New RansomExx Ransomware Variant Rewritten in the Rust Programming Language

November 24, 2022

The operators of the RansomExx ransomware have become the latest to develop a new variant fully rewritten in the Rust programming language, following other strains like BlackCat, Hive, and Luna.

The latest version, dubbed RansomExx2 by the threat actor known as Hive0091 (aka DefrayX), is primarily designed to run on the Linux operating system, although it is expected that a Windows version will be released in the future.

RansomExx, also known as Defray777 and Ransom X, is a ransomware family that is known to have been active since 2018. It has since been linked to a number of attacks on government agencies, brands, and other high-profile entities like Embraer and GIGABYTE.

“Malware written in Rust often benefits from lower [antivirus] detection rates (compared to those written in more common languages) and this could have been the key reason to use the language,” IBM Security X-Force researcher Charlotte Hammond said in a report published this week.

RansomExx2 is functionally identical to its C++ predecessor and it takes a list of target directories to encrypt as command line inputs.

Once executed, the ransomware recursively goes through each of the specified directories, enumerating and encrypting the files using the AES-256 algorithm.

A ransom note containing the demand is ultimately dropped in each encrypted directory upon completion of this step.
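The behaviour described above (files in a directory are rewritten, then the same note file appears in each affected directory) gives defenders a language-independent signal that does not depend on antivirus signatures. The following is an added detection sketch, not code from the article or from the IBM report; the event tuple format, the thresholds, and the sample paths and file names are assumptions constructed for illustration.

```python
from collections import defaultdict
from pathlib import PurePosixPath

# Constructed sample events: (epoch_seconds, operation, path). Not real telemetry.
SAMPLE_EVENTS = [
    (100, "modify", "/srv/data/a.db"),
    (101, "modify", "/srv/data/b.db"),
    (102, "create", "/srv/data/NOTE.txt"),
    (103, "modify", "/srv/share/x.doc"),
    (104, "modify", "/srv/share/y.doc"),
    (105, "create", "/srv/share/NOTE.txt"),
    (106, "modify", "/home/u/p.xls"),
    (107, "modify", "/home/u/q.xls"),
    (108, "create", "/home/u/NOTE.txt"),
    (500, "create", "/srv/data/README.md"),   # benign: seen in one directory only
    (900, "create", "/opt/app/README.md"),    # benign: no prior modifications
]

def find_note_drops(events, min_dirs=3, min_modified=2, window=300):
    """Return {basename: sorted directories} for files created in at least
    min_dirs directories within `window` seconds, where each directory had
    at least min_modified file modifications before the create."""
    modified = defaultdict(int)   # directory -> modifications seen so far
    drops = defaultdict(list)     # basename -> [(time, directory)]
    for ts, op, path in sorted(events):
        p = PurePosixPath(path)
        directory = str(p.parent)
        if op == "modify":
            modified[directory] += 1
        elif op == "create" and modified[directory] >= min_modified:
            drops[p.name].append((ts, directory))
    alerts = {}
    for name, hits in drops.items():
        start = 0                 # left edge of the sliding time window
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1
            dirs = {d for _, d in hits[start:end + 1]}
            if len(dirs) >= min_dirs:
                alerts[name] = sorted(dirs)
                break
    return alerts

if __name__ == "__main__":
    print(find_note_drops(SAMPLE_EVENTS))
```

In practice the events would come from a file-integrity or audit source, and the thresholds need tuning against legitimate bulk operations such as backups or package installs.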

The development illustrates a new trend where a growing number of malicious actors are building malware and ransomware with lesser-known programming languages like Rust and Go, which not only offer greater cross-platform flexibility but can also evade detection.

“RansomExx is yet another major ransomware family to switch to Rust in 2022,” Hammond explained.

“While these latest changes by RansomExx may not represent a significant upgrade in functionality, the switch to Rust suggests a continued focus on the development and innovation of the ransomware by the group, and continued attempts to evade detection.”


Some parts of this article are sourced from:
thehackernews.com
