"Hello XD Ransomware Now Drops a Backdoor While Encrypting"

Researchers with Palo Alto Networks Unit 42 report a rise in the activity of the Hello XD ransomware, whose operators are now using an updated sample with stronger encryption. The Hello XD ransomware family, which was first observed in November 2021, was based on the leaked source code of Babuk. It was involved in a few double-extortion attacks in which threat actors stole corporate data prior to device encryption. According to a new report from the researchers, the ransomware's author has developed a new encryptor featuring custom packing for detection evasion and changes in the encryption algorithm, thus marking a major shift from the Babuk code. This also indicates the author's intention to create a new ransomware strain with unique capabilities and features for stronger attacks. This article continues to discuss the latest version of Hello XD ransomware. 

Bleeping Computer reports: "Hello XD Ransomware Now Drops a Backdoor While Encrypting"
