HardBit ransomware, known for employing obfuscation techniques to evade detection, has surfaced in version 4.0 with enhanced capabilities. This version uses sophisticated encryption methods and deletes the Volume Shadow Copy Service to undermine file recovery. With persistence mechanisms and the ability to disable crucial Windows Defender features, the ransomware poses a severe threat to organizations. HardBit's operations, characterized by ransom negotiations and the absence of double extortion, indicate a tactical approach to cyber extortion. The infection method remains unclear, but parallels with LockBit suggest a marketing strategy and underscore the risks of remote desktop and SMB service vulnerabilities.
Source: https://securityaffairs.com/165735/malware/hardbit-ransomware-version-4-0.html
"id": "tri001072224",
"linkid": "tripwire",
"type": "Ransomware",
"date": "7/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"