HelloKitty ransomware rises from its ashes and releases video game data and private decryption keys

[ad_1]

Mélina LOUPIA

April 21, 2024 at 6:35 p.m.

0

HelloKitty ransomware changes name to HelloGookie - © Who is Danny / Shutterstock

HelloKitty ransomware changes name to HelloGookie – © Who is Danny / Shutterstock

The HelloKitty ransomware becomes HelloGookie and reveals a lot of sensitive data from companies or video games.

“HelloKitty is dead, long live HelloGoogie!” “, hackers might gargle. It was its creator pirate who announced the “ rebranding » of its ransomware. Now called HelloGookie by the man who calls himself Gookee/kapuchin0, this rebranding is accompanied by a new site on which sensitive information is published.

A new showcase that was quick to attract developers who had already exploited these leaks, compiling and sharing development versions of The Witcher 3.

HelloKitty, birth and peak of ransomware

Launched in November 2020, HelloKitty is a ransomware which particularly distinguished itself with a highly publicized offensive: the hacking of CD Projekt Red, the creator of the titles Cyberpunk 2077, The Witcher 3 And Gwent. The group managed to encrypt the company’s servers and steal the source code as part of the attack. The data was subsequently sold on the dark web, including the code of The Witcher 3then unpublished.

After this coup, HelloKitty gradually expanded by releasing a variant on Linux in 2021 which targeted VMware ESXi, just to extend its ramifications and… its profits. In 2022, the data leak site of another ransomware operation, Yanluowang, was reportedly hacked to leak conversations between members. These conversations revealed that Yanluowang was closely associated with the developer of HelloKitty, who used the name Guki in conversations.

By changing its name, HelloKitty expands its malicious tactics - © Leremy / Shutterstock

By changing its name, HelloKitty expands its malicious tactics – © Leremy / Shutterstock

From HelloKitty to HelloGookie, story of a metamorphosis

In October 2023, Gookee/kapuchin0 leaked the HelloKitty creator and source code to a hacker forum. This then sounded the death knell for the operations. The ransomware is then renamed HelloGookie and does not appear to cause new attacks or new victims under this new name. An inexplicable end and a rather timid beginning for this seasoned gang which has enough to question the finest blades of cybercrime.

But the story obviously doesn’t end there and HelloGookie will disclose information stolen during older attacks against CD Projekt Red and Cisco on its new site. It also reveals four private decryption keys for an older version of the HelloKitty ransomware encryptor, which could allow some victims to recover their files for free.

Access to archives of the late HelloKitty which immediately alerted the researchers of the specialized site 3xp0rt. They declared to BleepingComputer that they were currently studying the keys to determine which versions of the cipher they were working with. An equation with several unknowns, the main one of which remains the success of HelloGookie compared to its ancestor.

But if most of these well-established gangs attack large structures like Cisco or CD Projekt, the fact remains that more discreet and more modest organizations target prey within their reach such as individuals. Fortunately, there are tools to protect you from this ransomware which can plunder your data as well as your bank account.

Best antivirus, comparison in April 2024
To discover
Best antivirus, comparison in April 2024

Apr 2, 2024 at 10:35 am

Service comparisons

Source : Bleeping Computer

Mélina LOUPIA

Ex-corporate journalist, the world of the web, networks, connected machines and everything that is written on the Internet whets my appetite. From the latest TikTok trend to the most liked reels, I come from...

Read other articles

Ex-corporate journalist, the world of the web, networks, connected machines and everything that is written on the Internet whets my appetite. From the latest TikTok trend to the most liked reels, I come from the Facebook generation that still fascinates the internal war between Mac and PC. As a wise woman, the Internet, its tools, practices and regulation are among my favorite hobbies (that, lineart, knitting and bad jokes). My motto: to try it is to adopt it, but in complete safety.

Read other articles



[ad_2]

Source link -99