Rust-Written 3AM Ransomware: A Sneak Peek into a New Malware Family

2023-09-13 09:56

A new ransomware family called 3AM has emerged in the wild after it was detected in a single incident in which an unidentified affiliate deployed the strain following an unsuccessful attempt to deploy LockBit in the target network.

"3AM is written in Rust and appears to be a completely new malware family," the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News.

"The ransomware attempts to stop multiple services on the infected computer before it begins encrypting files. Once encryption is complete, it attempts to delete Volume Shadow copies."

While the exact origins of the ransomware remains unknown, there is evidence that the ransomware affiliate connected to the operation is targeting other entities, according to a post shared on Reddit on September 9, 2023.

"Ransomware affiliates have become increasingly independent from ransomware operators," Symantec said.

"New ransomware families appear frequently and most disappear just as quickly or never manage to gain significant traction. However, the fact that 3AM was used as a fallback by a LockBit affiliate suggests that it may be of interest to attackers and could be seen again in the future."

News URL

https://thehackernews.com/2023/09/rust-written-3am-ransomware-sneak-peek.html

#malware #ransomware