SolidBit Ransomware Enters the RaaS Scene and Takes Aim at Gamers and Social Media Users With New Variant

Trend Micro researchers recently analyzed a sample of a new SolidBit ransomware variant that targets users of popular video games and social media platforms. The malware was uploaded to GitHub, where it is disguised as different applications, including a League of Legends account checker tool (Figure 1) and an Instagram follower bot, to lure in victims.

The League of Legends account checker on GitHub is bundled with a file that contains instructions on how to use the tool, but that is the extent of the pretense: It has no graphical user interface (GUI) or any other behavior related to its supposed function. When an unsuspecting victim runs the application, it automatically executes malicious PowerShell code that drops the ransomware. Another file that comes with the ransomware is named “Source code,” but this seems to be different from the compiled binary.

Source: Trend Micro