TECH NEWSSOFTWARE

New Ransomware Strain Rorshach Takes the Crown as the Fastest

Rorshach Ransomware: The Fastest Encryption Yet

New Ransomware Strain Rorshach Takes the Crown as the Fastest
New Ransomware Strain Rorshach Takes the Crown as the Fastest

New Ransomware Strain Rorshach Takes the Crown as the Fastest

Cybersecurity researchers have recently uncovered a new strain of ransomware which they argue is the fastest around. After investigating a cyber-incident at a US company, experts at Check Point came across an unknown ransomware variant which, after a more thorough analysis, was dubbed Rorshach.

Rorshach completed the task of encrypting 220,000 files on a 6-core CPU machine in just four and a half minutes, making it the fastest ransomware strain around. This is significantly faster than LockBit 3.0, which previously held the record at seven minutes for the same job.

While the ransomware’s operators are still unknown, the researchers do have a few ideas as to who might be behind it. The ransom note, they say, uses a format similar to the one used by the Yanlowang ransomware. They also said that the previous versions of malware used a ransom note similar to what DarkSide used, which tricked other researchers into believing that Rorshach was actually DarkSide.

Rorshach Ransomware The Fastest Encryption Yet
Rorshach Ransomware The Fastest Encryption Yet

When it comes to the ransomware’s technical specifications, the researchers found Rorshach supporting command-line arguments that can expand its functionality. However, the options are hidden, and can’t be accessed without reverse-engineering the malware. They also found that the encryptor will only go to work if it finds the target machine being configured with a language outside the Commonwealth of Independent States (CIS).

Related Articles

As for the encryption scheme, it’s a mix of curve25519 and eSTREAM cipher hc-12 algorithms. The malware only encrypts parts of the file, which is a practice other ransomware developers implemented, as well, to speed up the encrypting process.

Rorshach’s encryption routine suggests “a highly effective implementation of thread scheduling via I/O completion ports,” the researchers concluded.

Conclusion

The discovery of Rorshach highlights the need for companies to have a robust cybersecurity strategy in place. With ransomware attacks becoming increasingly sophisticated and fast, it’s essential for businesses to take steps to protect themselves. This includes regular backups of critical data, keeping software up to date, and training employees on cybersecurity best practices. By taking these steps, businesses can help reduce the risk of falling victim to ransomware attacks like Rorshach.

FAQs:

Q: How did the researchers determine that Rorshach is the fastest ransomware strain?

A: The researchers at Check Point gave the ransomware 220,000 files to encrypt on a 6-core CPU machine and timed how long it took to complete the task. Rorshach completed the task in just four and a half minutes, making it the fastest ransomware strain around.

Q: Who might be behind the Rorshach ransomware?

A: The ransomware’s operators are still unknown, but the researchers believe that the ransom note uses a format similar to the one used by the Yanlowang ransomware.

Keywords: Cybersecurity, Ransomware, Rorshach, Check Point, Yanlowang, Darkside, Malware, Cybersecurity Strategy

Tags
Photo of Adil Sattar

Adil Sattar

Adil Sattar is a seasoned writer, SEO expert, and technology journalist with years of hands-on experience in the digital content and IT industries. With a passion for uncovering the latest breakthroughs in technology, Adil has dedicated his career to making complex tech concepts simple, engaging, and accessible to a broad audience. Armed with deep expertise in search engine optimization, Adil understands not just how to write great content — but how to make sure it reaches the right audience. His work spans a wide range of technology topics including artificial intelligence, cybersecurity, software development, consumer electronics, and digital innovation. As the founder and lead writer at TechBeams, Adil has built a platform trusted by tech enthusiasts, IT professionals, and everyday readers alike. His unique blend of technical knowledge, SEO acumen, and storytelling ability sets TechBeams apart as a go-to destination for reliable and insightful tech content. When he's not writing or researching the next big thing in tech, Adil is constantly learning, adapting, and staying ahead of the curve in an ever-evolving digital landscape.

Leave a Reply

Back to top button