RansomHouse Upgrades Encryption With Advanced Multi-Layered Data Processing

[johny899]

RansomHouse is constantly evolving and finding new methods to encrypt stolen data, demonstrating that the tactics used by cybercriminals are always changing. The new methods that RansomHouse has implemented for encrypting files make recovering those files after an attack almost impossible.

A Smarter Way to Lock Files​

In the past, RansomHouse encrypted files using a single encryption technique. The company has since moved away from this method and now utilizes multiple techniques to encrypt stolen files. This increase the difficulty level of recovering them and this multi-layered approach for file encryption is known as multi-layered data processing.

RansomHouse also introduced a new encryption utility called "Mario." While the name may seem playful, the tool is incredibly dangerous. Mario uses two unique encryption keys to encrypt files, rather than just one. This means that even if an individual is able to decipher one layer of encryption, there is an additional layer of encryption that will still keep the individual from accessing the files.

Have you ever struggled with trying to recover files after an attack? This is one of the primary reasons that recovery efforts seem so daunting.

Why Security Teams Should Be Worried​

There are significant implications for defenders as a result of this upgrade. Below are the risks associated with this upgraded version of RansomHouse.

• Increased encryption complexity delays recovery.
• Multi-layer data obfuscation makes the means for encrypting the data difficult to identify
• File randomness complicates file analysis.

From my experience, some of the anti-ransomware tools that worked on older versions of ransomware won't work now. Attackers have learned from their previous mistakes and have improved on their methods.

What This Means for Organizations​

Companies can no longer rely solely on basic security practices. As shown by RansomHouse's most recent update, ransomware gangs are shifting their focus from recovery to reliability and speed. They want fewer failures to meet and an increased sense of urgency from their victims.

In Conclusion​

To put it bluntly, RansomHouse has developed a stronger, quicker, and more difficult to defeat version of its ransomware. This security threat illustrates how rapidly the cyber threat landscape is evolving. Defenders need to ask themselves the following questions: Are they getting smarter and quicker at a similar rate? Or will the attackers continue to win out?