A malware family previously used to sabotage computers by deleting and rewriting files has added a ransomware component, now encrypting files and demanding a huge ransom.

A malicious program called KillDisk that has been used in the past to wipe data from computers during cyberespionage attacks is now encrypting files and asking for an unusually large ransom.

$247,000 KillDisk ransomware demands a fortune, forgets to unlock files The malware asks for 222 Bitcoin but will not honor promises to decrypt files after payment is made.

The rise of TeleBots: Analyzing disruptive KillDisk attacks ESET's Anton Cherepanov analyzes the work of TeleBots, a malicious toolset that was used in focused cyberattacks against targets in ...

From there, the system can install KillDisk malware or make use of a SSH backdoor to provide attackers with remote access. “After having successfully infiltrated a critical system with either of ...