Organizations with legal obligations to prevent data from improper alteration or destruction—I’m talking to you healthcare orgs that fall under HIPAA– really need to pay close attention to a new ransomware variant.
For the past month, the ransomware Jigsaw has been making good on their threat to delete files of their victims every hour. After 72 hours, if they don’t pay the $150 USD ransom in bitcoin, these digital extortionists will delete all the files.
What’s more, if you try rebooting an infected computer, they’ll delete 1,000 files in revenge.
After security experts found a way to decrypt Jigsaw for free, the ransomware authors pivoted and rebranded Jigsaw to CryptoHitman, which continues to wreak havoc.
Security researcher Lawrence Abrams says the differences are mostly cosmetic: new pornographic locker screen, the use of the Hitman character, encrypted files are replaced with the extension .porno, and new filenames for the ransomware executables. Otherwise, this ransomware performs the same as the original Jigsaw ransomware.
The good news is that security researchers have been able to modify the Jigsaw Ransomware decryptor to also decrypt CryptoHitman affected files.
While we can all breathe a small sigh of relief, this should act as another warning especially to organizations with compliance obligations—the aforementioned healthcare providers, as well government, and financial agencies—and of course really anyone else.
Interested in preventing ransomware? Stop ransomware with UBA.
What should I do now?
Below are three ways you can continue your journey to reduce data risk at your company:
Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.
See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.
Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.
