Crypto-ransomware targets cheating Fortnite gamers

A new ransomware named ‘Syrk’ is aimed at Fortnite players who cheat. ‘Syrk’ encrypts the files on your hard disk drive and deletes everything as soon as a victim fails to pay in cryptocurrency. However, it is unknown what the amount is, or which cryptocurrency the hackers demand. Fortnite is one of the most popular games at the moment.

Cheating-the-cheater

Syrk pretends to be an “aimbot”, for more precise aiming during gameplay, and an “ESP”, which shows you where other players are in the game. So this cheat tool promises an easy way to cheat.
The Syrk malware presents itself as the file “SydneyFortniteHacks.exe”. After start-up, the app begins encrypting the files on the hard drive of your computer. If a target does not pay up, the app starts removing important folders, one after the other.

“The combination of the game and other malware, with a lot of manual intervention, was inevitable. There is a lot of social engineering going on in online games. It’s a great audience to target, and an industry that is known to be on the lookout for shortcuts.”
Chris Morales, the head of security at Vectra

Hidden Hero program

The malware is based on the open-source Hidden-Hero program, an encryption tool that was released on GitHub last December.
Once the payload is executed, it connects to a command-and-control (C2) server and turns Windows Defender and User Account Control (UAC) off.
The file types it encrypts include: *.gif, *.sln, *.docx, *.php, *.psd, *.ico, *.xlsx, *.jpg, *.xls, *.doc, *.pdf, *.wav, *.pptx, *.txt, *.png, *.bmp, *.rar, *.zip, *.mp3 and *.mp4. The encrypted files are given the file extension .syrk.
The next step is to set up a timed procedure that deletes the encrypted files in the following folders, every two hours:
%userprofile%\Pictures, %userprofile%\Desktop and %userprofile%\Documents.
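
The indicators named above (the file name SydneyFortniteHacks.exe, the .syrk extension and the three profile folders) can be checked on a suspect machine with a triage script. This is an added example, not code from the article or from the malware; the function name `triage`, its parameter and the report layout are assumptions of this example.

```python
import os
from pathlib import Path

# Indicators taken from the article text.
DROPPER_NAME = "sydneyfortnitehacks.exe"   # compared case-insensitively
ENCRYPTED_SUFFIX = ".syrk"
TARGET_FOLDERS = ("Pictures", "Desktop", "Documents")


def triage(profile_dir):
    """Report Syrk indicators found under a user profile.

    profile_dir is the path %userprofile% resolves to (hypothetical
    parameter name, chosen for this example).
    """
    profile = Path(profile_dir)
    report = {"dropper_paths": [], "encrypted": {}, "unreadable": []}

    def walk(root):
        # os.walk does not follow symlinks by default. Unreadable
        # directories are recorded so a partial scan is visible.
        def on_error(err):
            report["unreadable"].append(err.filename)
        for dirpath, _dirs, files in os.walk(root, onerror=on_error):
            for name in files:
                yield Path(dirpath) / name

    # 1. Look for the dropper's file name anywhere under the profile.
    for path in walk(profile):
        if path.name.lower() == DROPPER_NAME:
            report["dropper_paths"].append(str(path))

    # 2. Look for encrypted files in the folders the timed deletion targets.
    for folder in TARGET_FOLDERS:
        root = profile / folder
        if not root.is_dir():
            continue
        hits = [str(p) for p in walk(root)
                if p.suffix.lower() == ENCRYPTED_SUFFIX]
        if hits:
            report["encrypted"][folder] = sorted(hits)

    # Encrypted files in a targeted folder are the ones due for deletion.
    report["at_risk"] = bool(report["encrypted"])
    return report


if __name__ == "__main__":
    import json
    print(json.dumps(triage(Path.home()), indent=2))
```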

Decoding

The malware seems easy to defeat. Victims can easily unlock their computer through a couple of files on the drive. These files contain the passwords, which can be used to shut the malware down before it can delete the files.
