CySecurity News – Latest Information Security and Hacking Incidents
The new year has brought with it new ransomware named ‘Night Sky,’ which targets corporate networks and steals data in double-extortion attacks.
The Night Sky operation began on December 27th, according to MalwareHunterTeam, which was the first to identify the new ransomware. The ransomware has since published the data of two victims.
One of the victims got an initial ransom demand of $800,000 in exchange for a decryptor and the promise that the stolen material would not be made public.
How Night Sky encrypts devices
A sample of the Night Sky ransomware seen by BleepingComputer has a personalised ransom note and hardcoded login credentials to access the victim’s negotiation page.
When the ransomware is activated, it encrypts all files except those with the.dll or.exe file extensions. The ransomware will not encrypt the following files or folders:
• AppData
• Boot
• Windows
• Windows.old
• Tor Browser
• Internet Explorer
• Google
•
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: