Security News KillDisk ransomware demands over $215,000

LASER_oneXM (thread author)
Some quotes from the article above:

A malware family previously used to sabotage computers by deleting and rewriting files has added a ransomware component, now encrypting files and demanding a huge ransom.
Until now, the KillDisk malware family has been only associated with cyber-espionage and cyber-sabotage operations, most of which had been carried out in the industrial sector.

The group behind this malware is known under two names: Sandworm or TeleBots.

The Sandworm gang is known for its work on the Sandworm malware that targeted and sabotaged industrial control systems (ICS) and supervisory control and data acquisition (SCADA) industrial devices in the US in 2014.

The KillDisk encryption system is also very robust, encrypting each file with its own AES key, and then encrypting the AES key with a public RSA-1028 key.
To unlock the files, the victim must contact the TeleBots gang via an email address, pay the ransom, and receive the private RSA key that decrypts all the files.
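The quoted paragraphs describe a standard hybrid scheme: a fresh symmetric key per file, each key wrapped with an RSA public key whose private half only the attacker holds. The following Go program is an added illustration written for this thread, not KillDisk's code and not taken from the article. The article only says "AES" and "RSA"; AES-256-GCM, RSA-OAEP with SHA-256, a 2048-bit key pair, the record layout and the sample file contents are all assumptions made for the example.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// encryptedFile is the per-file record this example assumes: the body under a
// fresh AES key, plus that key wrapped with the attacker's RSA public key.
type encryptedFile struct {
	wrappedKey []byte // RSA-OAEP(pub, fileKey)
	nonce      []byte // AES-GCM nonce, unique per file
	ciphertext []byte // AES-GCM(fileKey, nonce, plaintext)
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// encryptFile generates a random 32-byte file key, encrypts the body with it,
// wraps the key with the public key and then drops the plaintext key. After it
// returns, only the private-key holder can recover the file.
func encryptFile(pub *rsa.PublicKey, plaintext []byte) (*encryptedFile, error) {
	fileKey := make([]byte, 32)
	if _, err := rand.Read(fileKey); err != nil {
		return nil, err
	}
	gcm, err := newGCM(fileKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, fileKey, nil)
	if err != nil {
		return nil, err
	}
	return &encryptedFile{
		wrappedKey: wrapped,
		nonce:      nonce,
		ciphertext: gcm.Seal(nil, nonce, plaintext, nil),
	}, nil
}

// unwrapFileKey is the step the ransom buys: without the matching private key
// it fails, and the AES key (hence the file) cannot be recovered from the record.
func unwrapFileKey(priv *rsa.PrivateKey, ef *encryptedFile) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ef.wrappedKey, nil)
}

// decryptFile unwraps the file key and opens the authenticated body.
func decryptFile(priv *rsa.PrivateKey, ef *encryptedFile) ([]byte, error) {
	fileKey, err := unwrapFileKey(priv, ef)
	if err != nil {
		return nil, fmt.Errorf("cannot unwrap file key (wrong private key?): %w", err)
	}
	gcm, err := newGCM(fileKey)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, ef.nonce, ef.ciphertext, nil)
}

func main() {
	attackerKey, _ := rsa.GenerateKey(rand.Reader, 2048) // stands in for the gang's key pair
	// Constructed sample "files"; each gets its own AES key.
	a, _ := encryptFile(&attackerKey.PublicKey, []byte("records.csv: constructed sample"))
	b, _ := encryptFile(&attackerKey.PublicKey, []byte("notes.txt: constructed sample"))
	ka, _ := unwrapFileKey(attackerKey, a)
	kb, _ := unwrapFileKey(attackerKey, b)
	fmt.Println("distinct per-file AES keys:", !bytes.Equal(ka, kb))

	// A victim with no private key: any other key pair fails to unwrap.
	guess, _ := rsa.GenerateKey(rand.Reader, 2048)
	_, err := decryptFile(guess, a)
	fmt.Println("without the real private key:", err)

	// With the private key handed over after payment, every file opens.
	pt, err := decryptFile(attackerKey, a)
	fmt.Println("with the real private key:", string(pt), err)
}
```

The point for defenders: nothing in the encrypted records lets you rebuild the AES keys, and every file's key is independent, so recovering one buys nothing for the rest. Once this has run over a share, the only way back that does not involve the attacker is a backup that the malware could not reach.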
 
This scares the hell out of me, thinking of all the public hospitals etc. with inadequate security and/or misconfigured firewalls. If one of those malwares finds its way in, then... Even with backups the damage will be catastrophic until everything is up and running again.
And my belief that some folks in IT departments have their heads up their arses doesn't make me feel any better! :(

Sometimes I wonder what was wrong with paper and pencils...
 
In a utopia, we would have made so many great strides toward tech advancement!

In reality, we are battling each other for profit.

On the plus side, the future will hold many security experts and security developers. Gotta look at the bigger and better picture of things.
 
This is the most expensive ransom price I've ever encountered; the system should definitely be run under a limited user account to avoid massive damage.

IT personnel should properly implement strong security measures and move away from the traditional AV concept.
 