"Rust-Written 3AM Ransomware: A Sneak Peek into a New Malware Family"
3AM is a new ransomware family that was detected in a single incident where an unidentified affiliate attempted to deliver LockBit, attributed to Bitwise Spider or Syrphid, to the target network but failed. According to the Symantec Threat Hunter Team, 3AM is written in Rust and appears to be a brand-new malware family. Before encrypting files, the ransomware tries to disable multiple services on the infected computer. Once encryption is complete, Volume Shadow (VSS) copies are deleted. The new ransomware family's name derives from its ransom note. It also appends the extension [.]threeamtime to encrypted files. However, it is currently unknown whether the malware authors have ties to known e-crime groups. In the attack identified by Symantec, the adversary reportedly launched the ransomware on three machines in the organization's network, but it was blocked on two of these machines. This article continues to discuss the new 3AM ransomware family.
THN reports "Rust-Written 3AM Ransomware: A Sneak Peek into a New Malware Family"