Sign up to save your podcasts
Or
Share Noberus ransomware: Coded in Rust and tailored to victim.
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Noberus ransomware: Coded in Rust and tailored to victim.
Guest Dick O'Brien, Principal Editor at Symantec, joins Dave to discuss their team's research, "Noberus: Technical Analysis Shows Sophistication of New Rust-based Ransomware." Noberus is new ransomware used in mid-November attack, ConnectWise was likely infection vector.
Symantec, a division of Broadcom Software, tracks this ransomware as Ransom.Noberus and our researchers first spotted it on a victim organization on November 18, 2021, with three variants of Noberus deployed by the attackers over the course of that attack. This would appear to show that this ransomware was active earlier than was previously reported, with MalwareHunterTeam having told BleepingComputer they first saw this ransomware on November 21.
Noberus is an interesting ransomware because it is coded in Rust, and this is the first time we have seen a professional ransomware strain that has been used in real-world attacks coded in this programming language. Noberus appears to carry out the now-typical double extortion ransomware attacks where they first steal information from victim networks before encrypting files. Noberus adds the .sykffle extension to encrypted files.
The research can be found here:
- Noberus: Technical Analysis Shows Sophistication of New Rust-based Ransomware
Learn more about your ad choices. Visit megaphone.fm/adchoices
View all episodes
By N2K Networks
4.4
88 ratings
Guest Dick O'Brien, Principal Editor at Symantec, joins Dave to discuss their team's research, "Noberus: Technical Analysis Shows Sophistication of New Rust-based Ransomware." Noberus is new ransomware used in mid-November attack, ConnectWise was likely infection vector.
Symantec, a division of Broadcom Software, tracks this ransomware as Ransom.Noberus and our researchers first spotted it on a victim organization on November 18, 2021, with three variants of Noberus deployed by the attackers over the course of that attack. This would appear to show that this ransomware was active earlier than was previously reported, with MalwareHunterTeam having told BleepingComputer they first saw this ransomware on November 21.
Noberus is an interesting ransomware because it is coded in Rust, and this is the first time we have seen a professional ransomware strain that has been used in real-world attacks coded in this programming language. Noberus appears to carry out the now-typical double extortion ransomware attacks where they first steal information from victim networks before encrypting files. Noberus adds the .sykffle extension to encrypted files.
The research can be found here:
- Noberus: Technical Analysis Shows Sophistication of New Rust-based Ransomware
Learn more about your ad choices. Visit megaphone.fm/adchoices
More shows like Research Saturday
View all
Risky Business
371 Listeners
CyberWire Daily
1,028 Listeners
ChinaPower
209 Listeners
Smashing Security
317 Listeners
Click Here
418 Listeners
Darknet Diaries
8,077 Listeners
Cybersecurity Today
175 Listeners
Hacking Humans
315 Listeners
CISO Series Podcast
195 Listeners
Career Notes
14 Listeners
Pekingology
143 Listeners
Cybersecurity Headlines
139 Listeners
The AI Fix
33 Listeners
The FAIK Files
18 Listeners