The attackers deployed the Kraken binary afterward and used stolen credentials to propagate across additional systems.

1 day, 3 hours ago techradar.com

The Kraken ransomware campaign introduces a benchmark step which times the encryption of a temporary file to determine how quickly it can encrypt a victim’s data.

Researchers from Cisco Talos found the malware creates a random data file, encrypts it, records the speed, and deletes the test file.

The result guides the hackers in choosing between full encryption and a partial approach that still damages files while avoiding excessive system load that could expose their activity.

Akira ransomware is now targeting Nutanix VMs - and scoring big rewards

Interlock ransomware just keeps getting more powerful - here's how to stay safe

Ransomware hackers are now running Linux encryptors in Windows to stay undetected

Targeting key enterprise assets

In their report, the researchers outlined how Kraken prepares each compromised environment by deleting shadow copies, clearing the Recycle Bin, and disabling backup services.

The Windows version includes four separate modules designed to ...

Copyright of this story solely belongs to techradar.com . To see the full text click HERE

Targeting key enterprise assets

Share: