PureLocker

Built to Dodge Your Detection: Could This Be the First ‘Smart Malware’?

Cybercriminals have done it again: they’ve developed ransomware that can be ported to ALL MAJOR operating systems, including Windows, Linux, and macOS. These attacks target your data servers. The name for this is PureLocker, a snaky nod to the programming language it’s written in, PureBasic.

PureLocker is carefully designed to evade detection, hiding its malicious behavior in sandbox environments and using only functions seen in music playback. Reports have flown in that this malware can check whether it is running in a ‘debugger’ environment; if it is, it exits immediately, deleting and hiding the payload from execution.

This has enabled PureLocker malware to stay hidden from many of the industry’s leading detection devices for up to several months. Many attacks will be launched on servers, aiming to hold you hostage and return full operation only after the ransom has been paid. Servers are typically seen by many as ‘high-value assets’, which makes these payment demands suddenly skyrocket. It should be noted that several of these examples had code to remove ALL DATA if the ransom was not paid within 7 days.

After doing some internet sleuthing, we uncovered several of these ransomware campaigns on the Dark Web, being offered to many as ‘Attacks-as-a-Service.’ Although cybercriminal operations and groups are on the rise, this bespoke attack is now poised for use in phishing emails.

Don’t Be Fooled

These attacks mean business and are designed for criminals who know exactly how to hit organizations where it can hurt. Although it is uncertain exactly how its payload is delivered to businesses at this time, we know it operates with multi-staged attacks, further muddying the ability to roll back servers and systems from a single recovery point.

Those infected with the malware will see the normal signs of an attack: a ransom note with an email address for negotiating a fee to decrypt your files. BE WARNED: you will only have 7 days to pay the ransom, or all files will become unrecoverable.

Concerned About the Health of Your Security Infrastructure?
We can help, with experts ready to give your business and employees peace of mind, knowing your data and company reputation are protected. Bring constant visibility and threat reporting to your team with NetCentral Secure from Clare Computer Solutions. Call us today to begin discussing your options.