skip to Main Content

Cybercrime: here it comes Exorcist, new Ransomware-as-a-service

Cybercrime is spreading a new Ransomware-as-a-service: Exorcist. It doesn’t attack CIS countries and works without internet connection. The ransom, if it is not paid on time, triples

It has been dubbed Exorcist, and is a new ransomware on the wild. It has been discovered by the cyber security expert Leandro Velasco. The malware exploits AES 256+RSA 4096 encryption. It works with files through IOCI, and without an internet connection, and is written on C using WinAPI. Furthermore, MalwareHunterTeam reports, it checks for CIS countries in a way before any action: it checks locale. Also, in the data it sends back, there is a “hasrukeys”, which is based on GetKeyboardLayoutList values. Cybercrime is spreading it as a ransomware-as-a-service (RaaS), with partner commission 30% according 3xp0rt, and it already made some victims. Furthermore, if the ransom is not payed in a certain time, the decryptor cost will increase three times. the At the moment, however, the ways of spreading of the malicious code are not known.

Back To Top