Hive ransomware has been ported to the Rust programming language and now integrates more sophisticated encryption, reports The Hacker News.
The transition to Rust gives Hive memory safety and greater control over low-level resources, and lets it draw on a broader range of cryptographic libraries, according to a report from the Microsoft Threat Intelligence Center.
"Instead of embedding an encrypted key in each file that it encrypts, it generates two sets of keys in memory, uses them to encrypt files, and then encrypts and writes the sets to the root of the drive it encrypts, both with .key extension," said MSTIC, which added that each encrypted file is renamed so that the key used for its encryption can be determined.
The findings come after the AstraLocker ransomware operation reported shutting down as it plans a pivot to cryptojacking, as well as the reported emergence of the RedAlert ransomware family targeting VMware ESXi servers on Windows and Linux.
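The key-file behavior MSTIC describes leaves a file-system pattern defenders can hunt for: one process writing two `.key` files to a drive root alongside a burst of renames on that drive. The following detection sketch is an added example, not code from MSTIC or The Hacker News; the pipe-delimited event format, the sample events, the time window and the rename threshold are all assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (hypothetical format): time|pid|action|path|new_path
SAMPLE_EVENTS = r"""
2022-07-06T10:00:01|4312|create|C:\a1b2c3.key|
2022-07-06T10:00:01|4312|create|C:\d4e5f6.key|
2022-07-06T10:00:03|4312|rename|C:\Users\amy\report.docx|C:\Users\amy\x1
2022-07-06T10:00:03|4312|rename|C:\Users\amy\budget.xlsx|C:\Users\amy\x2
2022-07-06T10:00:04|4312|rename|C:\Users\amy\notes.txt|C:\Users\amy\x3
2022-07-06T10:00:05|977|create|D:\backup\tls\server.key|
2022-07-06T10:00:06|977|rename|D:\tmp\a.tmp|D:\tmp\a.log
"""

# A .key file directly in the root of a drive (no further path separators).
ROOT_KEY = re.compile(r"^[A-Za-z]:\\[^\\]+\.key$", re.IGNORECASE)
MIN_KEY_FILES = 2  # the report describes two key sets written per drive


def parse(line):
    ts, pid, action, path, new_path = line.split("|")
    return datetime.fromisoformat(ts), int(pid), action, path, new_path


def detect(log_text, window=timedelta(minutes=10), min_renames=3):
    """Return one alert per (pid, drive) that wrote >= 2 root-level .key files
    and renamed >= min_renames files on that drive within `window` of a key
    write. Order-agnostic: renames may come before or after the key files."""
    keys = defaultdict(list)     # (pid, drive) -> [(time, path)]
    renames = defaultdict(list)  # (pid, drive) -> [time]
    for line in log_text.strip().splitlines():
        ts, pid, action, path, _ = parse(line)
        drive = path[:1].upper()
        if action == "create" and ROOT_KEY.match(path):
            keys[(pid, drive)].append((ts, path))
        elif action == "rename":
            renames[(pid, drive)].append(ts)
    alerts = []
    for who, dropped in keys.items():
        if len(dropped) < MIN_KEY_FILES:
            continue
        near = [t for t in renames[who]
                if any(abs(t - k) <= window for k, _ in dropped)]
        if len(near) >= min_renames:
            alerts.append({"pid": who[0], "drive": who[1], "renames": len(near),
                           "key_files": [p for _, p in dropped]})
    return alerts
```

In production the rename threshold would be far higher than the value used for this small sample, and legitimate `.key` files below the drive root (such as the TLS key in the sample) are deliberately ignored.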