PureLocker - a very 'weird' ransomware strain that can encrypt servers

PureLocker: New ransomware strain with an unusual attack mechanism

Following 2018, 2019 is still a year that IT teams and security companies around the world must obsess over ransomware - the type of ransomware encryption software that is causing billions of dollars in damage to businesses. and individuals, even government organizations.

LockerGoga, RobbinHood, Grandcab, MegaCortex and Ryuk . have been the names of 'nightmares' during the past 11 months, but there is another ransomware strain with an extremely unique attack method that makes many experts top security information is sweating, which is PureLocker - ransomware strains can encrypt the server.

PureLocker - a very 'weird' ransomware strain that can encrypt servers Picture 1 PureLocker - a very 'weird' ransomware strain that can encrypt servers Picture 1

PureLocker: New ransomware strain with an unusual attack mechanism

PureLocker is a new type of ransomware that is widely used in attacks targeting corporate servers and appears to be closely associated with some notorious cybercrime groups.

According to analysis by researchers at Intezer and IBM X-Force, the malware is unique in that it mainly focuses on encrypting victim's servers to request ransom. The reason is called PureLocker because it is written in the PureBasic programming language. The hacker choice in writing ransomware in PureBasic itself is not normal. This gives attackers a number of advantages, such as forcing network security service providers to struggle to create a reliable signature for malware written in language. this term. In addition, PureBasic can easily switch between Windows, Linux and macOS, creating complex cross-platform attacks.

Targeting servers is a great way for PureLocker to earn a higher ransom. When a server is encrypted, the ransom offered is usually not less than hundreds of thousands of euros. This is because organizations tend to store their most important data on servers and are often willing to pay a higher price to be able to redeem this 'vital' information store.

PureLocker attack campaigns are currently being deployed more and more widely worldwide with the main target being large enterprises. With unusual tactics and attacks, this malicious code is considered to be a name that will be mentioned many times in 2020.