Ransomware, Malware, Threat Management
Novel Rust-based Agenda ransomware variant discovered
Share
Ransomware-as-a-service operation Qilin has developed a novel Rust-based variant of the Agenda ransomware strain, which was originally based in the Go programming language and was used to compromise the healthcare and education sectors in Indonesia, Thailand, Saudi Arabia, and South Africa, The Hacker News reports.
Intermittent encryption is being conducted by Agenda ransomware in an effort to facilitate quicker encryption while bypassing detection, according to a Trend Micro report.
However, the new Agenda ransomware variant was found to be enhanced with capabilities allowing Windows AppInfo process termination and User Account Control deactivation.
"At present, its threat actors appear to be migrating their ransomware code to Rust as recent samples still lack some features seen in the original binaries written in the Golang variant of the ransomware. Rust language is becoming more popular among threat actors as it is more difficult to analyze and has a lower detection rate by antivirus engines," said researchers.
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Related Terms
AdwareBackdoorBotnetBrute ForceCorruptionCovert ChannelsDarknetDeauthentication AttackDenial of ServiceDumpSecGet daily email updates
SC Media's daily must-read of the most current and pressing daily news