The eager-but-pwned net menace behind the JigSaw ransomware has been found targeting Reddit users with mixed malware in a bid to trap victims.
The VXer is suspected to be behind three ransomware variants, including the well-known Jigsaw that sports iconography from the Saw film, all lurking behind websites that foist the malware on visitors.
The actor operating the handle minercount on the forum had built and sold ransomware on crime forums and deployed it themselves in a successful bid to infect victims.
Attribution is difficult at best, though the Cisco Talos intelligence boffins have laid out their chain of evidence that shows one scumbag is behind the Jigsaw, Ranscam, and AnonPop ransomware forms.
Scores of low-ranking posts were made to the Bitcoin and associated subreddits directing those who clicked to sites that downloaded an AutoIT executable that deployed the ransomware.
One post was made purporting to be a cache of online anonymity tools, including the Tor browser. It contained the actor's ransomware along with a link to the darknet.
The buffoon even posted a tainted link to the cryptowallremoval subreddit dedicated to assisting victims. The irony is that re-encrypting already encrypted files would be a futile effort.
Talos blackhat terminators Edmund Brumaghin and Warren Mercer forked intelligence