Security News > 2024 > July > New Ransomware-as-a-Service 'Eldorado' Targets Windows and Linux Systems

An emerging ransomware-as-a-service operation called Eldorado comes with locker variants to encrypt files on Windows and Linux systems.
Eldorado first appeared on March 16, 2024, when an advertisement for the affiliate program was posted on the ransomware forum RAMP, Singapore-headquartered Group-IB said.
"The Eldorado ransomware uses Golang for cross-platform capabilities, employing Chacha20 for file encryption and Rivest Shamir Adleman-Optimal Asymmetric Encryption Padding for key encryption," researchers Nikolay Kichatov and Sharmine Low said.
Eldorado is the latest in the list of new double-extortion ransomware players that have sprung up in recent times, including Arcus Media, AzzaSec, dan0n, Limpopo, LukaLocker, Shinra, and Space Bears once again highlighting the enduring and persistent nature of the threat.
The development coincides with the discovery of new Linux variants of Mallox ransomware as well as decryptors associated with seven different builds.
"The ongoing development of new ransomware strains and the emergence of sophisticated affiliate programs demonstrate that the threat is far from being contained," Group-IB noted.
News URL
https://thehackernews.com/2024/07/new-ransomware-as-service-eldorado.html
Related news
- New VanHelsing ransomware targets Windows, ARM, ESXi systems (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile (source)
- New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems (source)
- Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems (source)
- VanHelsing ransomware emerges to put a stake through your Windows heart (source)
- EncryptHub linked to MMC zero-day attacks on Windows systems (source)
- FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites (source)