More advanced encryption, stealth added to novel Qilin ransomware variant

In addition to the ChaCha20 encryption retained from older variants of the ransomware, Qilin.B has been strengthened with AES-256-CTR encryption, which could be leveraged to compromise AES-NI-capable systems, as well as RSA-4096 with OAEP padding, which ensures that files cannot be decrypted without the attackers’ private key, according to a report from the Halcyon Research Team. Researchers also found that Qilin.B can terminate security tool services and backup and virtualization service processes, and can remove Windows Event Logs, volume shadow copies, and itself.

Source: SC Magazine

 

