What is ransomware?
Ransomware is a type of malicious software used to extort money from businesses. Ransomware either blocks a company’s access to its network and website or threatens to share the business’s sensitive/customer data until or unless a ransom is paid.
Ransomware cybersecurity threats
A new ransomware called ‘Night Sky’ targets business networks and steals data as part of a double-extortion attack. The Night Sky ransomware was first detected on December 27th, 2021, and identified by MalwareHunterTeam.
Within two weeks, two companies have become victims of the new ransomware. One of the two victims received a ransom demand to the tune of $800,000 for a promise not to publish the company’s data and to provide decryptor software to return access to their systems.
Night Sky is modified ransomware that delivers a bespoke ransom note with hardcoded login credentials to access the ransom negotiation page. This particular ransomware encrypts all files, excluding those ending with a .dll or .exe file extension. It also does not encrypt files or folders in the following locations: Google, Opera, Mozilla, Mozilla Firefox, Windows.old, Windows, recycle bin, all users, and all programs.
A ransom note named NightSkyReadMe.hta is added to each folder. It details what has been stolen and gives the attackers’ contact emails and the hardcoded login credentials for the negotiation page.
Night Sky uses a simple website and email addresses powered by Rocket.Chat. The Rocket.Chat ransom note includes the credentials to access the specified negotiation URL.
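Because the note is dropped in every folder under the same file name, a file inventory collected from endpoints can be triaged for it. The following is an added example, not code from the original article: the inventory format (host, creation time, path), the host names and the sample rows are constructed assumptions; only the file name NightSkyReadMe.hta comes from the text above.

```python
from collections import defaultdict
from datetime import datetime
from pathlib import PureWindowsPath

NOTE_NAME = "nightskyreadme.hta"  # ransom note file name given in the article

# Constructed sample inventory (host, file creation time, path); not real telemetry.
SAMPLE_INVENTORY = """\
FS01,2022-01-04T02:11:09,D:\\Shares\\Finance\\NightSkyReadMe.hta
FS01,2022-01-04T02:11:07,D:\\Shares\\NightSkyReadMe.hta
FS01,2022-01-04T02:11:30,D:\\Shares\\Finance\\2021\\nightskyreadme.HTA
FS01,2021-11-02T09:00:00,D:\\Shares\\Finance\\budget.xlsx
WS17,2022-01-04T02:40:12,C:\\Users\\amy\\Documents\\NightSkyReadMe.hta
WS22,2021-12-01T08:15:00,C:\\Users\\bob\\Desktop\\readme.txt
"""

def parse_inventory(text):
    """Yield (host, datetime, PureWindowsPath) for each non-empty inventory row."""
    for line in text.splitlines():
        if not line.strip():
            continue
        host, stamp, path = line.split(",", 2)
        yield host, datetime.fromisoformat(stamp), PureWindowsPath(path)

def triage(text):
    """Return {host: {"first_seen", "dirs", "roots"}} for hosts holding the note."""
    hits = defaultdict(list)
    for host, stamp, path in parse_inventory(text):
        # Windows file names are case-insensitive, so compare in lower case.
        if path.name.lower() == NOTE_NAME:
            hits[host].append((stamp, path.parent))
    report = {}
    for host, found in hits.items():
        dirs = {d for _, d in found}
        # Top-most affected directories: drop any directory with an affected ancestor.
        roots = sorted(d for d in dirs if not any(p in dirs for p in d.parents))
        report[host] = {
            "first_seen": min(s for s, _ in found),  # earliest note = likely start time
            "dirs": len(dirs),
            "roots": [str(r) for r in roots],
        }
    return report

if __name__ == "__main__":
    for host, info in sorted(triage(SAMPLE_INVENTORY).items()):
        print(host, info["first_seen"].isoformat(), info["dirs"], info["roots"])
```

The earliest note timestamp per host gives a starting point for the incident timeline, and the collapsed roots show which shares or profiles to scope for restoration.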
What is Malware?
Malware is any malicious software that disrupts computer systems, servers, and networks, gains access to systems, deprives users of access or leaks confidential information.
Malware cybersecurity threats
A new method of gaining continued access to an iOS device has appeared. The infected device seems to be locked in the shutdown process, making it impossible to tell if the iPhone is off or on.
Named ‘NoReboot,’ the malware was created by ZecOps, a mobile security firm. They discovered a method to halt and replicate the iOS reboot process. The victim assumes the iOS device has been turned off when it hasn’t. NoReboot essentially interferes with the iPhone’s shutdown and restart procedure, injects a Trojan, and prevents the shutdown from ever occurring.
The goal of the NoReboot malware was to make it look like the iPhone was turned off when the physical buttons were pressed. Once the user turns the iPhone off, or is tricked into doing so by a mimicked low battery status, the malicious actor can remotely influence the iPhone without concern about detection.