Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

New HardBit Ransomware Variant Spotted

July 15, 2024
Reading Time: 3 mins read
in Alerts
New HardBit Ransomware Variant Spotted

Cybersecurity researchers have uncovered the latest evolution of HardBit Ransomware in version 4.0, featuring sophisticated obfuscation techniques designed to evade detection. This updated variant introduces passphrase protection, a new layer of security that requires a specific passphrase during runtime for the ransomware to execute effectively. According to analysis by Cybereason researchers Kotaro Ogino and Koshi Oyama, this enhancement poses challenges for security analysts attempting to dissect its operations and mitigate its impact on affected systems.

Unlike its predecessors, HardBit 4.0 does not operate a data leak site but instead employs double extortion tactics, compelling victims to pay ransom under threat of future attacks. The ransomware group communicates primarily through the Tox instant messaging service, and its initial access vectors are suspected to involve brute-force attacks on Remote Desktop Protocol (RDP) and Server Message Block (SMB) services. Once inside a system, HardBit 4.0 utilizes tools like Mimikatz and NLBrute for credential theft and Advanced Port Scanner for network reconnaissance, enabling lateral movement across compromised networks.

Upon deployment, HardBit 4.0 employs the Neshta file infector virus to encrypt files on victim machines. It also disables Microsoft Defender Antivirus and terminates critical processes to evade detection. The ransomware modifies file icons, changes desktop wallpapers, and alters system volume labels to signify compromise. The ransomware is available in both command-line and graphical user interface (GUI) versions, with the GUI variant supporting a wiper mode that irreversibly erases files and wipes disks, contingent upon an authorization ID and decryption key provided by the attackers.

As ransomware attacks continue to escalate in frequency and sophistication throughout 2024, with prominent families like LockBit and Akira dominating the landscape, cybersecurity experts stress the importance of robust defense measures and proactive threat detection strategies. Palo Alto Networks’ Unit 42 Incident Response report underscores the rapid exploitation of known vulnerabilities in public-facing applications as a favored tactic among ransomware groups. This trend highlights the critical need for organizations to strengthen their cybersecurity postures and stay abreast of evolving threats to safeguard sensitive data and infrastructure effectively.

Reference:

  • HardBit Ransomware 4.0 Introduces Passphrase Protection to Evade Detection
Tags: Cyber AlertsCyber Alerts 2024Cyber RiskCyber threatCybereasonCybersecurity researchersJuly 2024RansomwareServer Message Block
ADVERTISEMENT

Related Posts

BadIIS Malware Spreads Via SEO Poisoning

Hackers Target AWS and Steal Credentials

September 24, 2025
BadIIS Malware Spreads Via SEO Poisoning

SonicWall SMA100 Update Removes Rootkit

September 24, 2025
BadIIS Malware Spreads Via SEO Poisoning

BadIIS Malware Spreads Via SEO Poisoning

September 24, 2025
FBI Issues Warning on Spoofed IC3 Website

FBI Issues Warning on Spoofed IC3 Website

September 22, 2025
FBI Issues Warning on Spoofed IC3 Website

Infostealer Hits macOS Users Widely

September 22, 2025
FBI Issues Warning on Spoofed IC3 Website

SonicWall Warns Reset After Exposure

September 22, 2025

Latest Alerts

Hackers Target AWS and Steal Credentials

SonicWall SMA100 Update Removes Rootkit

BadIIS Malware Spreads Via SEO Poisoning

SonicWall Warns Reset After Exposure

Infostealer Hits macOS Users Widely

FBI Issues Warning on Spoofed IC3 Website

Subscribe to our newsletter

    Latest Incidents

    Boyd Gaming Reports Data Breach After Attack

    Morrisroe UK Company Hit By Cyber Attack

    GeoServer Flaw Breaches US Agency Network

    Steam Game Steals Streamer Donations

    Ransomware Gang Hacks Spartanburg County

    Cyberattack Hits Europe Airport Systems

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial