With new obfuscation techniques, and attack capabilities, the Hello XD ransomware(opens in new tab) is now more dangerous than ever before, Unit 42, Palo Alto Networks’ cybersecurity arm, has found.
The group discovered Hello XD now features a new encryptor featuring custom packing, that helps the malware(opens in new tab) stay hidden. What’s more, it comes with new changes to the encryption algorithm. Instead of the modified HC-128 and Curve25519-Donna, this newly discovered version comes with Rabbit Cipher and Curve25519-Donna. Furthermore, the file marker no longer features a coherent string, but rather carries random bytes, further strengthening the cryptography.
