Malware News Spectre Ransomware May Be Coming for you Soon

Solarquest

Solarquest

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 22, 2014
2,525
A new ransomware was discovered today by MalwareHunterTeam called Spectre. This ransomware is currently in testing mode by the developer, but due to the time and effort that has been put into it's creation, I would not be surprised to see this go into distribution soon. With this in mind, I decided to play with the sample a bit and create a quick writeup on the Spectre ransomware from my own analysis.

For those who may become infected with this ransomware in the future, you can ask for help in our dedicated Spectre Ransomware Support & Help Topic.

Spectre is Currently in Testing Mode
When Spectre is installed, it will connect to the Command & Control server at the a0142503.xsph.ru/testing.php?mode=a1 URL. The C2 server will then respond with a unique victim ID, bitcoin address, and public key that should be used to encrypt the victims files.

The ransomware will then delete the shadow volume copies and begin to scan the computer for certain file types to encrypt.
....


Thanks to @Der.Reisende sample is already being tested in the Hub.
 
  • Like
Reactions: woodrowbone, Fritz, Viking and 8 others
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
@RECdevicehelper: Indeed however the problem here is all about the mentality of a person which you cannot prevented it but the main important to be discuss is how to steer away from programs that came from unknown source.

In that matter a person will build a permanent mindset where if it's in the spam message then better not to read or download some things.
 
  • Like
Reactions: Fritz and ravi prakash saini
RECdevicehelper

RECdevicehelper

Level 2
Verified
Jun 3, 2017
49
jamescv7 said:
@RECdevicehelper: Indeed however the problem here is all about the mentality of a person which you cannot prevented it but the main important to be discuss is how to steer away from programs that came from unknown source.

In that matter a person will build a permanent mindset where if it's in the spam message then better not to read or download some things.
Click to expand...
I would definitely agree with you there @jamescv7. We need to show them how these cyber criminals trick you, the safe place to download programs and how to identify spam and fake emails.
 
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • +Reputation
Security News Intel, AMD CPUs on Linux impacted by newly disclosed Spectre bypass
Replies
2
Views
1,672
Security News
SeriousHoax
SeriousHoax
Gandalf_The_Grey
    • Like
Malware News macOS NotLockBit | Evolving Ransomware Samples Suggest a Threat Actor Sharpening Its Tools
Replies
0
Views
1,012
Security News
Gandalf_The_Grey
Gandalf_The_Grey
lokamoka820
    • Like
Hot Take How to Safeguard Your Windows PC Against Ransomware
Replies
1
Views
140
General Security Discussions
Bot
Bot

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top