Updated virus Rakhni now focus on cryptomonadales


Virus Rakhni, now in updated form returned to the Internet to identify the user computers associated with scriptactive and run them malware.

Described in 2013 as one of the most dangerous threats, now after updating the virus Rakhni has the potential to leave far behind all the previously known viruses, ransomware, since it is a new stage in the development of virus software.

Updated target Rakhni

July 6, 2018 website on cyber security Bleeping Computer reported the discovery of unauthorized actions performed Rakhni ransomware virus on the computers of users of the cryptocurrency. The message came after the “Kaspersky Lab” raised the issue of the return of the updated virus Rakhni, which scans the computers of the victim before penetration into the system. Hackers tried to make the virus “smart” and now, Rakhni initially studying computer database for the presence of folders named “Bitcoin” or other cryptowall, and then determines to run the patch device and demand a ransom, or install the program-miner.

Although the precise search strategy and the selection has not been fully elucidated, it seems that hackers rely on the fact that the users put all the data related to Bitcoin in an easily accessible folder than Rakhni and seeks to use it. On jailbroken devices, users are blocked access to their funds until it is paid a certain ransom.

If the Bitcoin folder is not found, Rakhni deploys software for kriptomayning on the victim’s computer, if it is possible to make power devices.

Beware of spam

According to “Kaspersky Lab”, an updated version of Rakhni distributed via spam messages. Kaspersky reported cases of infection Rakhni in Russia, Kazakhstan, Ukraine, Germany and India. It is assumed that the system uses geographic targeting tools for e-mail delivery.

Malicious emails contain attachments spam “Word. Docx”. If a user opens a file, the system launches an. EXE file that contains Rakhni. However, Kaspersky believes that the users are safe if “they do not include macros in the first DOCX file”.

If you find a mistake on rucoin.net please highlight the text and press Ctrl+Enter.


Please enter your comment!
Please enter your name here

eighteen + sixteen =