This ransomware is so bad that it becomes even more dangerous
Cryptonite is a strange ransomware to say the least, as it is described by cybersecurity experts as particularly poorly constructed. But make no mistake: it is all the more dangerous. Indeed, the latter is unable to decipher the data that he himself has stolen. In other words, even by paying the ransom, it will be impossible to recover them.
Ever since the ransomware boom of the 2010s, major global security agencies have been hammering out the same advice: never pay the ransom, even for particularly sensitive data. Two major reasons can explain this position: first, the victim has no guarantee of finding his data intact; second, it only encourages hackers to perpetuate their bad deeds.
Cryptonite, a new ransomware detected by Fortinet teams, alone justifies the mention of a third reason: hackers may simply have done their job poorly. Indeed, if Cryptonite appears at first sight as a very classic ransomware, encrypting the data of its victim before asking for a ransom, it is unique in that it is then unable to decrypt them. .
On the same subject — Discord: this dangerous ransomware also steals your account in addition to your data
Cryptonite is poorly made, and that’s what makes it fearsome
Thus, Fortinet experts explain that a problem within the Fortinet architecture itself prevents the launch of the decryption procedure once the ransom has been paid. Worse still, by attempting to launch the latter, the ransomware may choose to crash or even, in some cases, assign a new encryption key to the data. In other words, even the hacker behind the attack will not be able to recover them.
In this sense, Cryptonite acts more like a wiper, grabbing data to delete it instantly. “While we often complain about the increasing sophistication of ransomware, we can also see that over-simplicity and lack of quality assurance can also lead to significant issues”, writes Fortinet. Let’s remember the basics: never pay a ransom demanded by a hacker.
Source : Fortinet