Globe2 Ransomware | Tech Support Scammer's Dream

Name: Globe2 Ransomware | Tech Support Scammer's Dream
Uploaded: 2016-11-08T16:14:02.000Z
Duration: 9 min
Channel: The PC Security Channel
Description: - A new variant of Globe ransomware has been identified, based on the Blowfish algorithm. - This variant includes a debug mode, which is unusual for ransomware as it gives away the attacker's presence. - It also scans for virtual machine applications and terminates itself if a virtual machine is det

November 8, 2016

The PC Security Channel

TL;DR

A new variant of Globe ransomware has been discovered, which uses the Blowfish algorithm and has unique features like a debug mode and scanning for virtual machines.

Transcript

more ransomware this week this time it's a new variant of globe since we've never really talked about this ransomware before I wanted to give you guys a quick introduction so this is a ransomware based on the Blowfish algorithm so it's not as and it does a few other funny things first of all it comes with a debug mode now that is kind of odd for ra... Read More

Key Insights

👶 The new variant of Globe ransomware is based on the Blowfish algorithm.
🥅 The inclusion of a debug mode in the ransomware is unusual and goes against the attacker's goal of remaining undetected.
🎰 The ransomware scans for virtual machine applications and terminates itself if a virtual machine is detected.
🔇 It deletes Shadow volume copies and disables Windows startup repair to make file recovery more difficult.
😒 The ransomware changes the desktop wallpaper and uses an HTML application for the ransom note.
🤩 The disassembler reveals relevant information about the programming language and registry keys used by the ransomware.
📁 The ransomware follows a specific sequence when encrypting files to avoid detection.

Install to Summarize YouTube Videos and Get Transcripts

Explore YouTube Video Summarizer or Get YouTube Transcript Extractor

Questions & Answers

Q: What algorithm is the new variant of Globe ransomware based on?

The new variant of Globe ransomware is based on the Blowfish algorithm.

Q: Why is the inclusion of a debug mode in ransomware unusual?

The inclusion of a debug mode in ransomware is unusual because it reveals the attacker's presence and goes against their goal of hiding their footprint.

Q: What action does the ransomware take if it detects a virtual machine?

If the ransomware detects a virtual machine, it will terminate itself.

Q: What are some of the behaviors exhibited by this new variant of Globe ransomware?

The new variant of Globe ransomware deletes Shadow volume copies, disables Windows startup repair, changes the wallpaper, and uses an HTML application for the ransom note instead of a traditional notepad.

Summary & Key Takeaways

A new variant of Globe ransomware has been identified, based on the Blowfish algorithm.
This variant includes a debug mode, which is unusual for ransomware as it gives away the attacker's presence.
It also scans for virtual machine applications and terminates itself if a virtual machine is detected.

Read in Other Languages (beta)

English

Share This Summary 📚

Summarize YouTube Videos and Get Video Transcripts with 1-Click

Download browser extensions on:

Try YouTube Summary with ChatGPT & Claude or YouTube Transcript Generator

Explore More Summaries from The PC Security Channel 📚

Kaspersky Internet Security 2017 Review

The PC Security Channel

Avast vs Ransomware

The PC Security Channel

Beware the flashing skull | Petya Ransomware

The PC Security Channel

Google Chrome vs Microsoft Edge | Security Test

The PC Security Channel

MGM & Defcon Venue hack: BlackCat Ransomware

The PC Security Channel

Security Talk 6: Bleeping Computer sued for a negative review and more

The PC Security Channel

Summarize YouTube Videos and Get Video Transcripts with 1-Click

Download browser extensions on:

Try YouTube Summary with ChatGPT & Claude or YouTube Transcript Generator

Globe2 Ransomware | Tech Support Scammer's Dream

November 8, 2016

The PC Security Channel

Globe2 Ransomware | Tech Support Scammer's Dream

TL;DR

A new variant of Globe ransomware has been discovered, which uses the Blowfish algorithm and has unique features like a debug mode and scanning for virtual machines.

Transcript

Key Insights

👶 The new variant of Globe ransomware is based on the Blowfish algorithm.
🥅 The inclusion of a debug mode in the ransomware is unusual and goes against the attacker's goal of remaining undetected.
🎰 The ransomware scans for virtual machine applications and terminates itself if a virtual machine is detected.
🔇 It deletes Shadow volume copies and disables Windows startup repair to make file recovery more difficult.
😒 The ransomware changes the desktop wallpaper and uses an HTML application for the ransom note.
🤩 The disassembler reveals relevant information about the programming language and registry keys used by the ransomware.
📁 The ransomware follows a specific sequence when encrypting files to avoid detection.

Install to Summarize YouTube Videos and Get Transcripts

Explore YouTube Video Summarizer or Get YouTube Transcript Extractor

Questions & Answers

Q: What algorithm is the new variant of Globe ransomware based on?

The new variant of Globe ransomware is based on the Blowfish algorithm.

Q: Why is the inclusion of a debug mode in ransomware unusual?

The inclusion of a debug mode in ransomware is unusual because it reveals the attacker's presence and goes against their goal of hiding their footprint.

Q: What action does the ransomware take if it detects a virtual machine?

If the ransomware detects a virtual machine, it will terminate itself.

Q: What are some of the behaviors exhibited by this new variant of Globe ransomware?

Summary & Key Takeaways

A new variant of Globe ransomware has been identified, based on the Blowfish algorithm.
This variant includes a debug mode, which is unusual for ransomware as it gives away the attacker's presence.
It also scans for virtual machine applications and terminates itself if a virtual machine is detected.