all InfoSec news
Nevada Ransomware Being Distributed in Korea
Malware Analysis, News and Indicators - Latest topics malware.news
AhnLab Security Emergency response Center (ASEC) discovered cases of the Nevada ransomware being distributed during the team’s internal monitoring. Nevada is a malware written using Rust as its basis and its tendency of adding the “.NEVADA” extension to the files it infects is its defining trait. After encrypting directories, it generates ransom notes with the filename “README.txt” in each directory. These notes contain a Tor browser link for ransom payments.
Figure 1. Encrypted file examples (left), Nevada ransom note (right) …
ahnlab asec browser cases center directory distributed emergency encrypted extension filename files internal korea link malware malware analysis monitoring nevada nevada ransomware payments ransom ransom notes ransomware response rust security team tor tor browser txt