After months of development, a new ransomware called SpiderX has been announced as the successor to the infamous Diablo ransomware. The creator claims that SpiderX includes all the features of Diablo plus additional enhancements, making it a more potent threat. Priced at $150 and accepting payments in Bitcoin and Monero, SpiderX is poised to cause significant damage across various systems.
Features of SpiderX Ransomware
Advanced Encryption:
- ChaCha20-256 Algorithm: SpiderX uses the ChaCha20-256 encryption algorithm, touted as the fastest in the world. This method takes significantly less time than the commonly used AES-256, making it more efficient in encrypting files quickly.
Comprehensive Targeting:
- Broad Attack Surface: Similar to its predecessor Diablo, SpiderX not only targets main user folders on the Windows drive but also extends its reach to external partitions, drivers, USBs, and other connected devices. This extensive targeting ensures that a wide range of data is compromised.
Offline Operation:
- No Internet Connection Required: Unlike many other ransomware strains, SpiderX can operate completely offline. Once executed, it quickly encrypts files within seconds, without needing an internet connection.
Custom Payload:
- Embedded Wallpaper: The ransomware payload includes a custom wallpaper embedded directly, ensuring that it is not just a basic script downloading files from a server. This makes the attack more seamless and difficult to detect.
Efficient Execution:
- Written in C++: SpiderX is developed in C++, which offers faster execution compared to other programming languages like C# or Python. This results in quicker deployment and execution of the ransomware.
Persistent Threat:
- Continuous Background Operation: Once deployed, SpiderX remains persistent, running silently in the background and continuously encrypting any new files. Additionally, any USB drive or external device connected after the initial attack will also be infected, enhancing the attacker’s control.
Data Exfiltration:
- File Stealer Capability: Unlike Diablo, SpiderX includes a file stealer feature that exfiltrates data from the target system, compresses it into a zip file, and sends it to the attacker’s Mega account. It then covers its tracks to avoid detection.
