uTalk

Official forum for Utopia Community

You are not logged in.

#1 2023-08-15 22:43:15

thrive
Member
Registered: 2023-01-04
Posts: 1,919

Return of Monti Ransomware with New Linux Variant and Improved Evasion

Following a two-month hiatus, the threat actors behind the Monti ransomware have returned to attack targets in the legal and government sectors using a new Linux version of the encryptor.

In June 2022, weeks after the Conti ransomware group stopped operating, Monti appeared and purposefully imitated the strategies, tools, and leaked source code used by the latter. no longer.

Compared to its other Linux-based predecessors, the new version, according to Trend Micro, represents something of a departure.

According to Trend Micro researchers Nathaniel Morales and Joshua Paul Ignacio, "unlike the earlier variant, which is mainly based on the leaked Conti source code, this new version employs a different encryptor with additional distinct behaviors.".

A BinDiff analysis has shown that while earlier iterations had a 99 percent similarity rate with Conti, the most recent version only has a 29 percent similarity rate, indicating a redesign.

The removal of the command-line arguments --size, --log, and --vmlist, as well as the addition of the "--whitelist" parameter, which instructs the locker to skip a list of virtual machines, are some of the most significant changes.

The Linux variant uses AES-256-CTR encryption rather than Salsa20 and solely relies on the file size for its encryption process. It is also designed to modify the motd (also known as message of the day) file to display the ransom note.


Malware called Monti.

The first 100,000 (0xFFFFF) bytes of files larger than 1.048 MB but smaller than 4.19 MB will only be encrypted, whereas files larger than 4.19 MB may have some of their content locked depending on the results of a Shift Right operation.

The entire content of files with a size less than 1.048 MB will be encrypted.

As evidenced by some similar functions, the threat actors who created Monti "likely employed portions of the Conti source code as a base for the new variant, but implemented significant changes to the code, especially to the encryption algorithm," the researchers wrote.

Additionally, by changing the code, Monti's operators are making it more difficult to detect and stop their malicious activities. ".

Offline

#2 2023-09-04 17:50:06

CrytoCynthia
Member
Registered: 2022-11-19
Posts: 2,168

Re: Return of Monti Ransomware with New Linux Variant and Improved Evasion

Well all browsers and sites now has its own risk I want to understand how to host my website on Utopia p2p network but I have not been able to learn how to do that

Offline

#3 2023-09-19 21:07:05

Vastextension
Member
Registered: 2022-11-19
Posts: 1,783

Re: Return of Monti Ransomware with New Linux Variant and Improved Evasion

CrytoCynthia;21380 wrote:

Well all browsers and sites now has its own risk I want to understand how to host my website on Utopia p2p network but I have not been able to learn how to do that

No, not all browsers and sites have own level of risk. While the internet as a whole carries inherent risks, the level of risk can vary depending on factors such as the browser's security features, the website's security protocols, and user behavior.

Offline

#4 2023-09-19 21:07:46

level
Member
Registered: 2023-01-19
Posts: 1,224

Re: Return of Monti Ransomware with New Linux Variant and Improved Evasion

Vastextension;22198 wrote:
CrytoCynthia;21380 wrote:

Well all browsers and sites now has its own risk I want to understand how to host my website on Utopia p2p network but I have not been able to learn how to do that

No, not all browsers and sites have own level of risk. While the internet as a whole carries inherent risks, the level of risk can vary depending on factors such as the browser's security features, the website's security protocols, and user behavior.

Different browsers offer varying levels of security and privacy features. Some browsers have built-in security measures, such as sandboxing, pop-up blockers, and protection against malicious websites.

Offline

#5 2023-09-19 21:08:08

IyaJJJ
Member
Registered: 2023-01-25
Posts: 1,499

Re: Return of Monti Ransomware with New Linux Variant and Improved Evasion

level;22199 wrote:
Vastextension;22198 wrote:
CrytoCynthia;21380 wrote:

Well all browsers and sites now has its own risk I want to understand how to host my website on Utopia p2p network but I have not been able to learn how to do that

No, not all browsers and sites have own level of risk. While the internet as a whole carries inherent risks, the level of risk can vary depending on factors such as the browser's security features, the website's security protocols, and user behavior.

Different browsers offer varying levels of security and privacy features. Some browsers have built-in security measures, such as sandboxing, pop-up blockers, and protection against malicious websites.

More secure browsers also prioritize regular updates to address emerging threats and vulnerabilities.

Offline

#6 2023-09-19 21:09:23

joanna
Member
Registered: 2023-01-10
Posts: 2,146

Re: Return of Monti Ransomware with New Linux Variant and Improved Evasion

IyaJJJ;22200 wrote:
level;22199 wrote:
Vastextension;22198 wrote:

No, not all browsers and sites have own level of risk. While the internet as a whole carries inherent risks, the level of risk can vary depending on factors such as the browser's security features, the website's security protocols, and user behavior.

Different browsers offer varying levels of security and privacy features. Some browsers have built-in security measures, such as sandboxing, pop-up blockers, and protection against malicious websites.

More secure browsers also prioritize regular updates to address emerging threats and vulnerabilities.

Websites can also vary in terms of security depending on factors like encryption protocols, secure communication channels (HTTPS), and measures to protect user data.

Offline

#7 2023-09-19 21:09:59

Vastextension
Member
Registered: 2022-11-19
Posts: 1,783

Re: Return of Monti Ransomware with New Linux Variant and Improved Evasion

joanna;22201 wrote:
IyaJJJ;22200 wrote:
level;22199 wrote:

Different browsers offer varying levels of security and privacy features. Some browsers have built-in security measures, such as sandboxing, pop-up blockers, and protection against malicious websites.

More secure browsers also prioritize regular updates to address emerging threats and vulnerabilities.

Websites can also vary in terms of security depending on factors like encryption protocols, secure communication channels (HTTPS), and measures to protect user data.

Well-maintained websites employ security practices, including vulnerability scanning, secure coding, and regular security audits.

Offline

#8 2023-09-19 21:10:31

level
Member
Registered: 2023-01-19
Posts: 1,224

Re: Return of Monti Ransomware with New Linux Variant and Improved Evasion

Vastextension;22202 wrote:
joanna;22201 wrote:
IyaJJJ;22200 wrote:

More secure browsers also prioritize regular updates to address emerging threats and vulnerabilities.

Websites can also vary in terms of security depending on factors like encryption protocols, secure communication channels (HTTPS), and measures to protect user data.

Well-maintained websites employ security practices, including vulnerability scanning, secure coding, and regular security audits.

A significant factor in online risk is user behavior. Engaging in unsafe practices such as visiting suspicious websites, clicking on unknown links, downloading files from untrusted sources, or sharing sensitive information with unsecure sites increases the likelihood of encountering risks.

Offline

#9 2023-09-19 21:11:04

IyaJJJ
Member
Registered: 2023-01-25
Posts: 1,499

Re: Return of Monti Ransomware with New Linux Variant and Improved Evasion

level;22203 wrote:
Vastextension;22202 wrote:
joanna;22201 wrote:

Websites can also vary in terms of security depending on factors like encryption protocols, secure communication channels (HTTPS), and measures to protect user data.

Well-maintained websites employ security practices, including vulnerability scanning, secure coding, and regular security audits.

A significant factor in online risk is user behavior. Engaging in unsafe practices such as visiting suspicious websites, clicking on unknown links, downloading files from untrusted sources, or sharing sensitive information with unsecure sites increases the likelihood of encountering risks.

It's important to note that while browsers and websites can provide security features, they cannot eliminate all online risks.

Offline

#10 2023-09-19 21:11:24

Vastextension
Member
Registered: 2022-11-19
Posts: 1,783

Re: Return of Monti Ransomware with New Linux Variant and Improved Evasion

IyaJJJ;22204 wrote:
level;22203 wrote:
Vastextension;22202 wrote:

Well-maintained websites employ security practices, including vulnerability scanning, secure coding, and regular security audits.

A significant factor in online risk is user behavior. Engaging in unsafe practices such as visiting suspicious websites, clicking on unknown links, downloading files from untrusted sources, or sharing sensitive information with unsecure sites increases the likelihood of encountering risks.

It's important to note that while browsers and websites can provide security features, they cannot eliminate all online risks.

Users must also be vigilant, follow best practices (such as using strong, unique passwords, enabling two-factor authentication, and keeping software up to date), and exercise caution while browsing the internet to mitigate potential risks.

Offline

#11 2023-11-01 19:34:54

Comrade
Member
From: Utopia App Client
Registered: 2022-12-30
Posts: 1,523

Re: Return of Monti Ransomware with New Linux Variant and Improved Evasion

Vastextension;22205 wrote:
IyaJJJ;22204 wrote:
level;22203 wrote:

A significant factor in online risk is user behavior. Engaging in unsafe practices such as visiting suspicious websites, clicking on unknown links, downloading files from untrusted sources, or sharing sensitive information with unsecure sites increases the likelihood of encountering risks.

It's important to note that while browsers and websites can provide security features, they cannot eliminate all online risks.

Users must also be vigilant, follow best practices (such as using strong, unique passwords, enabling two-factor authentication, and keeping software up to date), and exercise caution while browsing the internet to mitigate potential risks.

The deliberate practice of upgrades of system each and every time available will help to meet up with the tech updates availability from host tech developer

Offline

Board footer

Powered by FluxBB