Thursday, November 12, 2020

New Pay2Key Ransomware linked to Iran

Check Point Software technologies have discovered that a new ransomware variant dubbed Pay2Key is being spread by hackers belonging to Iran. And news is out that the malware has spread its evil to multiple companies across Israel and some parts of the world, including United States, that will soon be led by 46th Presidential elect Joe Biden.

Security analysts say that Pay2Key ransomware spreading gang demands 7-8 bitcoins to free up the data from encryption and has demanded double the amount for a law firm that manages law deals related to many famous Hollywood celebs.

Hacking is taking place through sophisticated malware that infiltrates a network through employees’ remote connection system. And if the victim denies paying a ransom, then the stolen data is sold on the dark web.

The highlight of Pay2Key is that Check Point Labs has discovered that 4 victims based in Israel had to pay the ransom, as all of their backed up data was also encrypted. But all those digital transactions were being tracked down by a company called WhiteStream that monitors the crypto moment happening back and forth in the blockchain.

And their analysis revealed that the hackers opened a crypto wallet in the Iranian Exchange named Excoino and all the ransom was being stored on the wallet until this news piece was being compiled.

Excoino is a crypto exchange service that provides e-wallet services to Iranian populace by registering the users with a valid government ID for existence authentication.

So, based on this data, Check Point concluded that Pay2Key is being run by a hackers gang from Iran.

The post New Pay2Key Ransomware linked to Iran appeared first on Cybersecurity Insiders.


November 12, 2020 at 08:37PM

0 comments:

Post a Comment