Avast Threat Research announced the discovery of new Golang ransomware, which they called HermeticRansom. This malware was found around the same time the HermeticWiper was found, and based on publicly available information from security community it was used in recent cyberattacks in Ukraine. The new ransomware was likely used as a smokescreen for the HermeticWiper attack due to its non-sophisticated style and poor implementation. Findings in a nutshell: Elections GoRansom (aka HermeticRansom) was used to target assets on the same day as HermeticWiper; The developers used a sarcastic function-naming scheme related to US presidential elections; The malware does not use any kind of obfuscation and has pretty straightforward functionality, suggesting it was created in a short amount of time.
Login to the community
No account yet? Create an account
LoginCUSTOMER / CYMULATE EMPLOYEE LOGIN
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.