There is a malware that originates from Iran called “Black Ruby” that targets machines with miners like the resource-driven Monero XML miner. The malware encrypts and distorts the files. The agency that discovered this Iranian-based malware is Accenture, and they found this out in February of 2018. The amount of ransom for this Black Ruby thing sells at 650 dollars in Bitcoin.
Yes, this BlackRuby ransomware-type virus is one that, immediately after infiltration, encrypts most stored files and then renames them and makes them unusable. It also features and checks the victim’s IP address to detect the location, and if in Iran it will not encrypt the files. Also, I heard they will ignore the victims, even if they pay the $650 ransom.
Monero has launched a new website that aims to educate users on cleaning up crypto-jacking malware and ransomware. Attackers like Monero because it’s private, so they do not need to worry about law enforcement tracing what they do with the Monero after they mine it.