Companies infected with purported ransomware may no longer have an option to pay a ransom.
A new malicious program acts exactly like crypto-ransomware — overwriting and renaming files, then dropping a text file with a ransom note and a Bitcoin address for payment — but the program instead deletes the contents of a victim’s files. The program, CryWiper, currently targets Russian organizations but could easily be used against companies and organizations in other nations, according to cybersecurity firm Kaspersky, which analyzed the program.
The camouflaged wiper program continues a trend in ransomware being used — intentionally or inadvertently — as a wiper, the company’s researchers stated in the analysis.
“In the past, we’ve seen some malware strains that became wipers by accident — due to mistakes of their creators who poorly implemented encryption algorithms,” the researchers wrote. “However, this time it’s not the case: our experts are confident that the main goal of…