Open Source Ransomware Toolkit Cryptonite Turns Into Accidental Wiper Malware

2022-12-06 06:11

A version of an open source ransomware toolkit called Cryptonite has been observed in the wild with wiper capabilities due to its "Weak architecture and programming."

Written in Python, the malware employs the Fernet module of the cryptography package to encrypt files with a ".

A new sample analyzed by Fortinet FortiGuard Labs has been found to lock files with no option to decrypt them back, essentially acting as a destructive data wiper.

"The problem with this flaw is that due to the design simplicity of the ransomware if the program crashes - or is even closed - there is no way to recover the encrypted files," Fortinet researcher Gergely Revay said in a Monday write-up.

The exception thrown during the execution of the ransomware program also means that the "Key" used to encrypt the files is never transmitted to the operators, thereby locking users out of their data.

The findings come against the backdrop of an evolving ransomware landscape where wipers under the guise of file-encrypting malware are being increasingly deployed to overwrite data without allowing for decryption.

News URL

https://thehackernews.com/2022/12/open-source-ransomware-toolkit.html

#malware #opensource #ransomware