Smokey's Security Forums

Topic: New XData ransomware spreads faster than WannaCry

Scarlett (Topic starter, Updates Moderator)
« Reply #1 on: May 22, 2017, 08:16:30 AM »
New XData ransomware spreads faster than WannaCry
22 May 2017, 5:43 am

Following the emergence of the WannaCry ransomware attack campaign last week, another, possibly bigger outbreak is underway. The culprit? A new ransomware called XData.

It was spotted over the weekend by security researcher MalwareHunter. MalwareHunter is one of the people behind the ID-Ransomware service that enables users to submit ransomware samples for analysis. XData was submitted via the service.

The spread of XData across Ukraine has been so rapid it has raised XData to the second most active ransomware strain, second to the ever dominant Cerber.

XData caught the attention of the team due to its rapid spread across Ukraine where, in one day, XData made four times as many victims when compared with the total for the entire week of WannaCry’s reign.

WannaCry has already infected hundreds of thousands of systems across the globe. But, if you consider the current rate of XData infection in Ukraine, Russia and Germany, the global impact of XData would far outshine that of WannaCry.

Meet XData

The XData ransomware was initially spotted in May 2017 and while its distribution method is currently unknown, these are the files and processes currently found on an infected host:





XData utilises AES encryption to encrypt files, to which it changes the extension to ~xdata~.

For example, a file named photo.png becomes photo.png.~xdata~.

Source: Bleeping Computer

Once the encryption process is complete, the following ransom note appears:

Source: Bleeping Computer

Unfortunately, at this stage, there is no way to decrypt files locked by the XData ransomware. Researchers will continue to look into this latest outbreak. We’ll keep you updated on any changes.

Source: Emsisoft Blog

>> To obtain the full Emsisoft article, click the link in the first post line <<
