SunCrypt Ransomware Still Alive in 2022

One of the first groups to use “triple extortion” tactics in their attacks was SunCrypt. This group is a RaaS (Ransomware as a Service) group.

SunCrypt doesn’t have a big affiliate program like other RaaS groups. Instead, it has a small and private affiliate program. GO was used to write the first version of this ransomware, but after it was written in C and C++, the group became much more active. A lot of businesses in the Services, Technology, and Retail sectors are affected by SunCrypt.

A research by Minerva Labs claims that this stalemate hasn’t deterred malware developers from developing a new and improved version of their strain, which the analysts then examined to identify what had changed.

What Has Recently Changed?

The additional features of the SunCrypt 2022 edition include the ability to terminate processes, halt services, and wipe the computer clean in preparation for ransomware execution.

These characteristics have been present in other ransomware strains for a long time, however, they are relatively new additions to SunCrypt, and this gives the impression that the RaaS is still in the early stages of development.

While the 2022 SunCrypt version has gained new capabilities, it seems like

Read More: https://heimdalsecurity.com/blog/suncrypt-ransomware-still-alive-in-2022/