Security researchers with Accenture iDefense are tracking a new ransomware campaign that relies on a new version of the MegaCortex strain. The attacks focus on companies in the United States and across Europe and involve ransom demands between $20,000 and $5.8 million.
In previous versions of MegaCortex, the payload was protected by a password that the attackers had to supply manually. This made it hard for researchers to reverse-engineer the malware. However, it seems the threat actors found it inconvenient as well, since the latest version comes with a hard-coded password and doesn’t require intervention by the attackers in order to execute. The researchers warn that these new features may lead to “an increase in the number of MegaCortex incidents if the actors decide to start delivering it through email campaigns” or have other malware distribute it.
Read more: MegaCortex ransomware slams enterprise firms with $5.8 million blackmail demands