Microsoft warns that a new ransomware, The Gentlemen, can spread quickly across company systems.
According to a report by the Industrial Cyber website, Microsoft Threat Intelligence, Microsoft's team of cyber experts, has warned about the dangers of a new ransomware called The Gentlemen. It is written in Go and offered for rent on the black market as Ransomware-as-a-Service (RaaS), which makes it easy for hackers to obtain. That is not the most frightening part, though. The real danger is its ability to spread by itself (self-propagation) across the network of an organization or company. Such rapid infection can bring down the entire company.
Beyond that, the ransomware focuses heavily on encryption to hold files hostage, using a per-file ephemeral key with the Curve25519 and XChaCha20 algorithms. Files smaller than 1 MB are encrypted completely, while larger files are only partially encrypted, which is enough to make them unusable. Encrypted files are saved as .umc16h files. Attackers can also expand the spread manually through lateral movement. Files can also be smuggled out (encrypted exfiltration) to a C2 (command and control) server, which lets the hackers apply double extortion: they threaten the victim that if the ransom for decrypting the files is not paid, the data will be sold on the black market. On top of that, the ransomware deliberately clears space on the hard disk to thwart data recovery efforts.
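The partial encryption of large files described above matters for detection: a whole-file entropy check can miss a file in which only some regions were encrypted, while a per-chunk scan catches it. The following is an added example, not code from Microsoft's report or from the malware. The chunk size, threshold and sample data are assumptions, random bytes stand in for ciphertext, and compressed formats also score high, so treat a hit as a triage signal.

```python
import math
import os
from collections import Counter

CHUNK = 64 * 1024      # scan granularity in bytes (assumed value)
MIN_TAIL = 4096        # tails shorter than this give unreliable entropy
HIGH_ENTROPY = 7.5     # bits per byte treated as "looks encrypted" (assumed)

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string, in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def chunk_entropies(data: bytes) -> list:
    """Entropy of each CHUNK-sized slice; a very short tail is skipped."""
    chunks = [data[i:i + CHUNK] for i in range(0, len(data), CHUNK)]
    if len(chunks) > 1 and len(chunks[-1]) < MIN_TAIL:
        chunks.pop()
    return [shannon_entropy(c) for c in chunks]

def classify(data: bytes) -> str:
    """Label a buffer by how many of its chunks are high-entropy."""
    ents = chunk_entropies(data)
    high = sum(e >= HIGH_ENTROPY for e in ents)
    if high == 0:
        return "plain"
    return "uniform-high" if high == len(ents) else "partial-high"

def build_sample(layout: str) -> bytes:
    """Constructed test data: 'E' = random chunk, '.' = plaintext chunk."""
    row = b"2024-01-15,invoice,constructed sample row,1042.50\n"
    text = (row * (CHUNK // len(row) + 1))[:CHUNK]
    return b"".join(os.urandom(CHUNK) if ch == "E" else text for ch in layout)

if __name__ == "__main__":
    # Constructed cases: untouched file, small fully encrypted file,
    # large file with only some regions encrypted.
    for name, layout in [("untouched", "........"), ("small file", "E"),
                         ("large file", "E..E..E.")]:
        buf = build_sample(layout)
        print(f"{name:10s} whole={shannon_entropy(buf):.2f} -> {classify(buf)}")
```

For the "large file" case the whole-file entropy stays below the threshold even though three of eight chunks are random, which is why the scan works per chunk.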
Before it encrypts the files, the ransomware runs a variety of command-line commands to control the encryption scope, speed, lateral movement, persistence (through scheduled tasks and modification of Run keys in the registry), and cleanup. It then locks local drives and mapped network shares, and tries to escalate its privileges to the highest level, Administrator or SYSTEM, to gain universal access to the system.