An infamous disk-wiping malware called KillDisk is now functioning as ransomware. It will demand a surprisingly steep amount of 222 bitcoins, or equal to almost $215,000 to unlock infected files.
A piece of malicious software called KillDisk, infamously known for wiping files on a hard drive and corrupting it afterwards, is now equipped with a ransomware component, giving it the ability to lock up a victim's computer and demand money.
KillDisk was developed by a gang calling themselves 'TeleBots,' a group which is also behind a backdoor trojan of the same name, and responsible for a cyber-attack that sabotaged Ukrainian companies in 2016. Aside from this, Ukrainian banks have also been targeted, using malicious email attachments that contain the trojan.
Once important data from infected systems have been collected, KillDisk will then be deployed, subsequently destroying and replacing system files, as well as modifying file extensions. At this point, with the damage being done, this will render the computer unbootable, as well as hide the identity of the attacker.
And now, to make matters even worse, as KillDisk is mainly functioning as ransomware, and as Bleeping Computer puts it, it makes it much easier to cover the cybercriminals' tracks when they market themselves as ransomware, covering up the TeleBots backdoor trojan.