Is This The End Of Bitcoin’s Ransomware Monopoly?

By   ISBuzz Team
Writer , Information Security Buzz | Jan 11, 2018 07:00 am PST

News broke overnight that , a new variant of the HC7 Ransomware is in the wild that encrypts a victim’s files and appends the .PLANETARY extension to the filename. What makes this particular ransomware variant unique is that it may be the first one that accepts the Ethereum cryptocurrency as a ransom payment. Andy Norton, Director of Threat Intelligence at Lastline commented below.

Andy Norton, Director of Threat Intelligence at Lastline: 

“The monopoly of bitcoin as a criminal payment currency is over. Famously the shadow brokers led the way specifying ZCash as their platform, but additionally we have tracked a huge trend towards Monero by cybercriminals as a mining payload and now as a ransomware payment option. Cybercriminals are probably offering multiple options for a few reasons. Firstly, they expect more people to have a bitcoin wallet, making it easier for them to pay, and secondly they expect Ethereum and Monero to rise more sharply than bitcoin. There has been 1 transaction into the bitcoin wallet specified ( 14waKKzAEQbTmM1Wyfax2N1cgjJbHjhH7J ). However, it’s not just Ethereum; We have seen Aero, FantomCoin and Monero all being used in malware payloads. It also looks likely a Brazilian insurance company has been impacted with a related .RQUILT extension instead of .planetary”

Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x