CRIL analyzes the return of Hexalocker Ransomware in a new version that leverages the Skuld Stealer and other advanced capabilities.

Cyble's publication is a resource for cybersecurity professionals and businesses seeking to stay ahead of evolving cyber threats. Through detailed analysis of threat intelligence, cybersecurity trends, and real-world cyber incidents, Cyble provides  insights into emerging threats, cyber attack tactics, and risk mitigation strategies. Readers can learn about threat detection methodologies, vulnerability assessment techniques, incident response protocols, and compliance standards to enhance their cybersecurity posture. Additionally, Cyble offers expert commentary, best practices, and actionable recommendations to help organizations protect their digital assets, safeguard sensitive data, and maintain business continuity in the face of cyber threats.

Cyble

HexaLocker V2 is a significant upgrade of the original HexaLocker ransomware, featuring enhanced encryption techniques and a stealer component called Skuld, which gathers sensitive information before file encryption. The new version persistently modifies registry keys, downloads the Skuld Stealer, and exfiltrates data using double extortion methods. Developed in Go, it uses various advanced encryption algorithms and replaces previous communication methods with a unique hash for victim communication. The updated ransomware poses an ongoing threat with its improved functionality and evasion techniques.

Hexalocker-v2-being-proliferated-by-Skuld-Stealer