New Threat Research: MalSync Teardown: From DLL Hijacking to PHP Malware for Windows  

Read Threat Research

Search

PureBasic Used to Create Ransomware

Recently, threat actors have created new ransomware named PureLocker written in PureBasic, which can hit Windows, Mac, and Linux.  PureBasic is a BASIC based programming language for Windows/Mac/Linux.  As the file is written in a language that many AV providers struggle to establish detections for, the malware went undetected for at least three weeks or so.  This malware is being currently distributed by a well-known MaaS (Malware as a Service) provider which has been used by Cobalt Gang, Fin6, and other threat groups.

Analyst Notes

As this ransomware is fairly new and detections are few and far between, practicing safe backup habits are the best way to secure files from this type of attack. The rule of 3-2-1 should apply here, meaning keeping at least three backups, with two backups on different storage devices/media, with one backup stored offsite. This should ensure that files are adequately protected.