Security Affairs
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

A second variant of the new Cryptomix Ransomware released in a few days

Malware researchers at MalwareHunterTeam discovered a new variant of the CryptoMix ransomware, the second one in just a few days. A new variant of the CryptoMix ransomware was recently discovered by the experts at the MalwareHunterTeam, it is the second release of new variants this week. The latest variant appends the. 0000 extension to encrypted files and uses new contact emails, for example, […]

Malware researchers at MalwareHunterTeam discovered a new variant of the CryptoMix ransomware, the second one in just a few days.

A new variant of the CryptoMix ransomware was recently discovered by the experts at the MalwareHunterTeam, it is the second release of new variants this week.

The latest variant appends the. 0000 extension to encrypted files and uses new contact emails, for example, a test file encrypted by this variant has an encrypted file name of 0D0A516824060636C21EC8BC280FEA12.0000.

The malware researcher Lawrence Abrams explained that this latest version of the ransomware uses the same encryption methods of previously discovered variants, but he noticed some slight differences.

CryptoMix ransomware

The ransom note maintained the same file name  _HELP_INSTRUCTION.TXT, but now uses the y0000@tuta.io, y0000@protonmail.com, y0000z@yandex.com, and y0000s@yandex.com emails for a victim to contact for payment information.

This variant of the CryptoMix ransomware contains 11 public RSA-1024 encryption keys that will be used to encrypt the AES key used to encrypt the files on the victim’s PC.

“This allows the ransomware to work completely offline with no network communication. This variant’s 11 public RSA keys are the same as the previous XZZX Cryptomix Ransomware variant.” wrote Abrams.

As usual, let me suggest to backup your data and test the backup files to avoid ugly surprises.

Install a security software and maintain it and any other application up to date. It could be useful to install specific anti-ransomware solution that implements behavioral.

Colleagues have published an interesting article on ransomware protection titled “How to Protect and Harden a Computer against Ransomware.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini 

(Security Affairs – CryptoMix ransomware, cybercrime)

[adrotate banner=”5″]

[adrotate banner=”13″]