The SonicWall Capture Labs Threat Research Team observed reports of a new variant family of InsaneCrypt Ransomware [InsaneCrypt.RSM] actively spreading in the wild.
InsaneCrypt encrypts the victim's files with a strong encryption algorithm and replaces the partition table of the system drive in some manner, until the victim pays a fee to get them back.
SonicWall has analyzed and addressed Microsoft’s security advisories for the month of January 2018. A list of issues reported, along with SonicWall coverage information, is as follows:
The SonicWall Threats Research team observed a sudden spike in Android apps with hidden crypto miner functionality. Such apps masquerade as legitimate apps, such as games, music or video apps, but in the background they start mining cryptocurrency using the resources of the infected victim’s hardware.
Malicious Android apps with mining capability have existed before, but we saw a sudden surge in such apps on January 8, 2018. With the recent popularity of cryptocurrencies like Bitcoin, Ethereum and Ripple, the rise in such malware apps is not surprising.
The SonicWall Capture Labs Threat Research Team has conducted an experimental dialog similar to our previous PayDay ransomware SonicAlert. This time we look at a ransomware threat known as Genasom, where the operators use email to communicate and negotiate payment with their victims. In this case the operator wanted direct access to the infected machine in order to “fix” the problem, after which a small donation is requested (according to them).
Meltdown and Spectre are a series of critical vulnerabilities that lead to sensitive information disclosure from an operating system, caused by a fundamental design flaw in Intel’s processors.