Book a Demo
Book a Demo

Ransomware Roundup: Cryptonite Ransomware

November 29, 2022

After Cryptonite has been executed, It actively checks for internet connections and stops execution if non are detected. If an Internet connection is active and established, it encrypts the targeted system. Later, encrypted file extensions are changed to “.cryptn8” by default. After identifying the IP address using “ipinfo.io”, It connects to “ngrok.io” to pass the victim’s details back to the attacker. Finally, a ransomware window is shown on the victim’s machine with a box where the victim can enter the key and instructions on how to obtain it.

Featured Resources

the principle of security validation
blog

Finding the Right Fit: Vulnerability Assessment vs. Penetration Testing

With more cyber threats than ever before, protecting your organization’s assets and sensitive data has never been more critical. Businesses

Read More
image
blog

Cyber Threats in the Seams 

It’s easy for even the most vigilant security teams to overlook a critical reality: no one fully understands all the

Read More
image
CUSTOMERS

Law Enforcement Agency Restores Confidence in Cyber Defenses

This small cybersecurity team is tasked with protecting the organization’s fraud services and all electronic records related to criminal investigations.

Read More

Subscribe to Our Blog

Subscribe now to get the latest insights, expert tips and updates on threat exposure validation.

Subscribe