Researchers from Cyble Research and Intelligence Labs (CRIL) discovered new ransomware programs, Putin Team, ScareCrow, BlueSky, and Meow, which are based on the Conti ransomware source code that was leaked online earlier this year.
Putin Team (ChaCha20 encryption algorithm)
Putin Team — Due to its rapid encryption process, ChaCha20 is widely used by ransomware groups. In order for files to be encrypted, the “.PUTIN” extension is added to them once they have been encrypted. Usually, ransomware notes are located in a “README.txt” file in each folder and include links to Telegram, the victim’s identifier, and instruction on how to decrypt files. Putin Team claims to be of Russian origin, but this isn’t confirmed. In order to indicate their victims, the attackers use Telegram. There have been two victims so far.
ScareCrow (encrypts files)
ScareCrow — Works the same way: it encrypts the file and adds “.CROW” as an extension. Their ransom note contains the contact information of 3 Telegram hackers, which victims can use to contact cybercriminals.
My Other Computer is Your Computer Funny Hacker Gift T-Shirt
I Am The Game Master Anonymous Hacker Computer Hacking T-Shirt
Hacker Security Professional Funny Programmer Gift T-Shirt
BlueSky (The group uses an onion site)
BlueSky — Start of activity in the second half of 2022, around the same time as the Conti and Babuk ransomware. Encrypted files have the extension “.BLUESKY”. The group used the Onion website to negotiate with victims.
Meow
Meow — It appends the extension “.MEOW” to the encrypted files and the ransom note contains 4 email addresses and 2 Telegram contacts to contact the hackers.
Using Automatic Updates
Backing up your data on a regular basis, enabling automatic software updates and steering clear of suspicious links are all measures that experts suggest taking to protect your computer from harm.
We publish our latest Logll Tech News via Telegram and Twitter.
FAQ:
❓ What are the four new virus programs?
The four new virus programs are Scarecrow, BlueSky, Meow, and Putin.
✔️ Who discovered them?
They were discovered by a team of researchers from Cyble Research and Intelligence Labs.
🚀 What do they do?
They are designed to infect computers and steal information.