BTC $68279.0927
ETH $3629.5433
BNB $418.8260
SOL $133.0943
XRP $0.6497
stETH $3620.7348
ADA $0.7707
DOGE $0.1827
AVAX $43.0376
DOT $9.8988
wstETH $4204.4051
TRX $0.1402
LINK $20.4333
WETH $3627.8562
MATIC $1.1461
WBTC $68015.7231
UNI $12.3628
BCH $469.5171
LTC $88.8112
IMX $3.1360
ICP $13.3800
CAKE $3.3523
ETC $35.9657
FIL $10.0244
LEO $4.8744
ATOM $12.4782
TON $2.7811
HBAR $0.1174
RNDR $7.3750
KAS $0.1614
INJ $40.6866
DAI $0.9990
OKB $56.8390
VET $0.0495
PEPE $0.0000
XLM $0.1458
FDUSD $0.9965
STX $3.0333
XMR $148.4317
WEMIX $2.7041
LDO $3.2821
NEAR $4.3354
GRT $0.3080
ARB $1.9787
THETA $2.3471
APEX $2.6824
BSV $115.5449
BTC $68279.0927
ETH $3629.5433
BNB $418.8260
SOL $133.0943
XRP $0.6497
stETH $3620.7348
ADA $0.7707
DOGE $0.1827
AVAX $43.0376
DOT $9.8988
wstETH $4204.4051
TRX $0.1402
LINK $20.4333
WETH $3627.8562
MATIC $1.1461
WBTC $68015.7231
UNI $12.3628
BCH $469.5171
LTC $88.8112
IMX $3.1360
ICP $13.3800
CAKE $3.3523
ETC $35.9657
FIL $10.0244
LEO $4.8744
ATOM $12.4782
TON $2.7811
HBAR $0.1174
RNDR $7.3750
KAS $0.1614
INJ $40.6866
DAI $0.9990
OKB $56.8390
VET $0.0495
PEPE $0.0000
XLM $0.1458
FDUSD $0.9965
STX $3.0333
XMR $148.4317
WEMIX $2.7041
LDO $3.2821
NEAR $4.3354
GRT $0.3080
ARB $1.9787
THETA $2.3471
APEX $2.6824
BSV $115.5449
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • Unknown ransomware virus ARCrypter is spreading around the world


    The previously unknown ARCrypter ransomware that compromised key organizations in Latin America is now expanding its attacks around the world.

    Researchers in their new report linked ARCrypter to an attack on a Chilean government facility in October that led to the suspension of the agency.

    According to experts from The BlackBerry Research and Intelligence Team, ARCrypter is currently expanding its operations outside of Latin America and is targeting various organizations around the world, including in China, Canada, Germany, the United States and France.

    The ransom demands in each case vary and reach $5,000. Experts explain this by saying that ARCrypter is a mid-range ransomware.

    BlackBerry reports that the first samples of ARCrypter appeared in early August 2022, a few weeks before the attack in Chile.

    The attack vector remains unknown, but analysts were able to find 2 AnonFiles URLs that are used as remote servers to obtain a "win.zip" archive containing the "win.exe" executable.

    The executable file is a dropper file containing BIN and HTML resources. The HTML contains the ransom note, while the BIN includes encrypted data that requires a password.

    If a password is provided, the .bin file creates a random directory on the compromised device to store the ARCrypter second stage payload, which creates its own registry key to persist on the system.

    ARCrypter then removes all volume shadow copies to prevent data recovery, changes network settings to ensure a stable connection, and then encrypts files except for certain file types.

    Files in the Downloads and Windows folders are also skipped so as not to render the system completely unusable.

    In addition to the ".crypt" extension, encrypted files display the message "ALL YOUR FILES HAS BEEN ENCRYPTED".

    Notably, the hackers claim to steal data during their attacks, but they do not have a leak site to post the stolen files.

    Almost nothing is known to ARCrypter operators at this time - their origins, language, and potential ties to other factions.

    Author DeepWeb
    LANIUS kamikaze drone introduced in Israel
    Z-Library is alive! So it seemed until today...

    Comments 0

    Add comment