This ransomware looks to make the world a better place
If you want your decryption key, you need to feed the poor
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
A yet unknown threat actor wants to be the Robin Hood of the cyber-era, albeit with a twist. Instead of stealing from the rich and giving to the poor, this group forces the poor to give directly to the rich - by holding their precious data hostage until they do.
Cybersecurity researchers from CloudSEK recently discovered aransomwarestrain named “GoodWill” that still infects companies, but instead of asking for payment, it’s asking for acts of goodwill against those less fortunate, all of which need to be documented and presented both publicly, and to the threat actor itself.
Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.
Helping the poor
Once a company gets infected with GoodWill, it needs to do three things:
Most ransomware victims pay up, but many never recover their data>This spiteful new ransomware strain is even more dangerous than usual>Ransomware – a burgeoning geopolitical weapon?
After all these things, the victims need to write a “beautiful article” about their deeds, and discuss how suffering an attack at the hands of GoodWill turned them into kind human beings. Once the threat actor verifies all was done as requested, the victims will receive the decryption key.
The researchers seemingly tracked the attackers to India, and although it cannot be absolutely certain, suspects this is the samemalwaregroup that operates the HiddenTear ransomware.
Via:Neowin
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
A new form of macOS malware is being used by devious North Korean hackers
Scammers are using fake copyright infringement claims to hack businesses
OLED vs Mini-LED: which TV type is best?
