aditya birla group data leak pixabay 1642233272633

Ransomware Goodwill found in India, allows victims to donate to fake causes: CloudSec

According to digital risk monitoring firm CloudSec, a new ransomware has been discovered in India that allows victims to donate new clothes to the homeless, feed children at branded pizza outlets and provide financial assistance to those in need of emergency medical care, according to cloudsec. The Goodwill ransomware warns that, temporarily and permanently, there is a risk of losing company data and shutting down company operations, as well as loss of revenue.

“The Goodwill ransomware was discovered by CloudSEK researchers in March 2022. As the threat group name suggests, operators are accused of being more interested in promoting social justice than traditional economic causes,” Clousek said in a report.

Once infected, the GoodWill ransomware worm encrypts documents, photos, videos, databases and other important files and makes them inaccessible without a decryption key.

“Actors suggest that victims carry out three socially driven activities instead of the decryption key – donate new clothes to the homeless, record the action and post it on social media, take the less fortunate five children to Domino’s Pizza Hut or KFC, take pictures and videos and post them on social media Do and provide financial assistance and financial assistance to those in need of emergency medical care, at a nearby hospital, record audio and share with operators. “

After completing all three activities, ransomware victims will be asked to write a note on social media (Facebook or Instagram) on “How you became a kind man by becoming a victim of a ransomware called Goodwill”. After completing all three operations, the ransomware operator verifies the victim’s shared media files and their posts on social media.

The actor will share a complete decryption kit with a video tutorial on how to recover the main decryption tool, password file and all important files, the report said.

“Our researchers were able to redirect the email address provided by the ransomware group to IT Security Solutions & Services Company of India, which provides end-to-end managed security services,” the report said.


Leave a Comment

Your email address will not be published.