A recently discovered variant of the KillDisk malware encrypts files and holds them for ransom instead of deleting them. Since KillDisk has been used in attacks aimed at industrial control systems (ICS), experts are concerned that threat actors may be bringing ransomware into the industrial domain.
Previous versions of KillDisk wiped hard drives in an effort to make systems inoperable, but a new variant observed by industrial cyber security firm CyberX encrypts files using a combination of RSA and AES algorithms.
Leave a reply
