A malware family previously used to sabotage computers by deleting and rewriting files has added a ransomware component, now encrypting files and demanding a huge ransom.

A malicious program called KillDisk that has been used in the past to wipe data from computers during cyberespionage attacks is now encrypting files and asking for an unusually large ransom.

$247,000 KillDisk ransomware demands a fortune, forgets to unlock files The malware asks for 222 Bitcoin but will not honor promises to decrypt files after payment is made.

From there, the system can install KillDisk malware or make use of a SSH backdoor to provide attackers with remote access. “After having successfully infiltrated a critical system with either of ...

The rise of TeleBots: Analyzing disruptive KillDisk attacks ESET's Anton Cherepanov analyzes the work of TeleBots, a malicious toolset that was used in focused cyberattacks against targets in ...