Cybercriminals are increasingly using generative AI tools to develop and enhance ransomware attacks, including drafting intimidating ransom notes and creating malware, with some even offering ransomware services to other criminals, marking a significant evolution in cybercrime tactics.
LockBit ransomware developers were secretly working on a new version of their file-encrypting malware, LockBit-NG-Dev, likely to become LockBit 4.0, before law enforcement took down their infrastructure. The new version, written in .NET and compiled with CoreRT, supports multiple operating systems and includes features such as three encryption modes, custom file exclusion, and a self-delete mechanism. While the new encryptor lacks some features present in previous iterations, its discovery is another blow dealt to LockBit operators through Operation Cronos, making the restoration of their cybercriminal business a tough challenge.
The developers of the Rhadamanthys information-stealing malware have released two major versions, introducing new stealing capabilities and enhanced evasion techniques. The malware, sold via a subscription model, targets email, FTP, and online banking service account credentials. The latest versions feature a new plugin system for customization, improved stub construction and client execution process, and fixes for targeting cryptocurrency wallets. Rhadamanthys also includes passive and active stealers for data exfiltration, with the ability to evade Windows Defender. The rapid development of Rhadamanthys makes it an increasingly attractive tool for cybercriminals.