Eldorado Ransomware Strikes: U.S. Sectors Hit by New Cyber Menace
New ransomware-as-a-service Eldorado is wreaking havoc, targeting U.S. sectors like real estate and healthcare. Researchers at Group-IB found Eldorado boasting on RAMP forums and seeking skilled affiliates. This Go-based ransomware encrypts Windows and Linux files, using ChaCha20 and RSA algorithms. It’s causing significant damage in…
Hot Take:
Move aside, Robin Hood! The new gang in town, Eldorado, isn’t stealing from the rich to give to the poor; they’re just stealing from the rich (and everyone else) for themselves. And with a name like Eldorado, you’d think they were hunting for gold, but it’s your data they’re after!
Key Points:
– Eldorado is a new Ransomware-as-a-Service (RaaS) targeting both Windows and VMware ESXi systems.
– The gang has already claimed 16 victims, primarily in the U.S., spanning various sectors.
– Eldorado uses the ChaCha20 algorithm for encryption and appends a “.00000001” extension to encrypted files.
– The ransomware skips critical system files to avoid rendering the system unusable.
– Group-IB researchers infiltrated the operation and noted its promotion on RAMP forums.