


Windows and Linux vulnerable to oddly familiar Cicada3301 ransomware
A relatively new piece of ransomware, called Cicada3301, has been analyzed in detail by cybersecurity researchers, and the findings reveal surprising callbacks to infamous attacks from the recent past. Cicada3301 is able to target Linux-based and Windows systems.
This new malware bears a resemblance to BlackCat, the ransomware used in the 2021 attack on the Colonial Pipeline. The unique factor is that Cicada3301 uses a two-pronged approach to make victims pay up; not only are files encrypted, they're also packaged and leaked if payment isn't made.
Cicada3301 was first spotted in June of 2024, when the first leak of a victim's data showed up on the dedicated site set up by its creators. They later took to a Russian dark web forum called RAMP to solicit affiliates, offering Cicada3301 as a service and attacking selected targets for a price. This model, called ransomware-as-a-service, has gained popularity among bad actors in recent years.
Victims will find their systems largely immune to traditional efforts used to stem ransomware attacks thanks to a clever mix of tactics built into Cicada3301. They will instead be greeted by a lone text file offering instructions to save their files from being leaked. According to the text file, the group behind the attack also offers to tighten up victims' security to prevent similar attacks in the future, along with ongoing support, should a victim choose to pay up.
The website and resources utilized by the group behind the 2021 attack were eventually seized by US authorities. It is believed that the group has ceased activities, but the similarities that Cicada3301 bears to BlackCat and its rebrand, ALPHV, are numerous.
Cicada3301 is written in the Rust programming language, making it versatile, efficient, and extensible, but this could be written off as merely following the trend established by BlackCat; up until that attack, ransomware written in Rust was extremely uncommon, and was more often than not a mere proof-of-concept shown off by white hat hackers across the web.
Beyond using the same programming language and general attack structure, Cicada3301 uses similar decryption methods, and many commands written into the new malware are exactly the same as function calls found in BlackCat. In both attacks, legitimate user credentials are obtained through any available means, often social engineering, and used to gain access to the target system.
From there, both attacks use almost identical calls to do things like phone home, encrypt and decrypt files, display messages, and more. Cicada3301 does, however, come with some new tricks. Chief among them is the ability to stop outside machines, including virtual machines, from accessing encrypted files and systems.
As of September of 2024, all resources linked to Cicada3301 are seemingly still live, and there have been no reports of any bad actors connected to it stepping down or being apprehended. It is possible that the new ransomware is the creation of one or more team members from the BlackCat attacks, or a rival group that copied much of the code of BlackCat before it went dark.



