Security News > 2022 > February > A look at the new Sugar ransomware demanding low ransoms
A new Sugar Ransomware operation actively targets individual computers, rather than corporate networks, with low ransom demands.
Unlikely most ransomware operations you read about in the news, Sugar does not appear to be targeting corporate networks but rather individual devices, likely belonging to consumers or small businesses.
When launched, the Sugar Ransomware will connect to whatismyipaddress.com and ip2location.com to get the device's IP address and geographic location.
The Walmart researchers say that the ransomware encrypts files using the SCOP encryption algorithm.
The ransomware will also create ransom notes named BackFiles encoded01.
As BleepingComputer tested the ransomware on a virtual machine with a small number of files, it could indicate that the ransomware is generating ransom amounts based on the number of encrypted files.