HelloXD Ransomware Installing Backdoor on Targeted Windows and Linux Systems

June 13, 2022 | Cyber Attacks

Windows and Linux systems are being targeted by a ransomware variant called HelloXD. The infections also deploy a backdoor to facilitate persistent remote access to infected hosts.

“Unlike other ransomware groups, this ransomware family doesn’t have an active leak site; instead it prefers to direct the impacted victim to negotiations through Tox chat and onion-based messenger instances,” Daniel Bunce and Doel Santos, security researchers from Palo Alto Networks Unit 42, said in a new write-up.

HelloXD surfaced in the wild on November 30, 2021, and is based on leaked code from Babuk, which was published on…
