Until November 2019, those spreading ‘Death Ransomware’ were only fooling people into believing that their computer files were encrypted and asking them to pay a ransom. But now, in the new year 2020, things have turned more serious, as the ransomware's code has evolved to encrypt files with a stronger algorithm.
According to researchers from Fortinet, DeathRansom has evolved into file-encrypting malware that locks files with a solid encryption scheme. The researchers also recently found that the developers of DeathRansom have devised a distribution scheme that has succeeded in claiming victims on a daily basis over the past 2 months.
Security researchers have found that the new ransomware strain uses the Curve25519 algorithm for the Elliptic Curve Diffie-Hellman key exchange scheme. This shows that the hackers are using Salsa20, RSA-2048, AES-256 ECB and XOR algorithms to lock files.
Currently, the author of DeathRansom is being tracked down and some websites distributing the payloads have been identified.
It’s believed that the cyber crooks who were earlier caught distributing cryptocurrency miners, password stealers, and fake software were involved in the incident.
Evidence is out that a Russian named Egor Nedugov, hailing from a town near Rostov-on-Don, might have been involved in the development and distribution of DeathRansom. Reports also say that the person has been involved in infecting fellow hackers, whom he met on technology-based dark-web forums, with the ransomware.