B0r0nt0K Ransomware Wants $75,000 Ransom, Infects Linux Servers.

A new ransomware called B0r0nt0K is encrypting victim’s web sites and demanding a 20 bitcoin, or approximately $75,000 USD, ransom. This ransomware is known to infect Linux servers, but may also be able to encrypt users running Windows.

When B0r0nt0K encrypts a file it will base64 the encrypted data.

The file’s name will also be renamed by encrypting the filename, base64 encoding it, url encoding it, and finally appending the .rontok extension to the new file name. An example of a encrypted file’s name is zmAAwbbilFw69b7ag4G4bQ%3D%3D.rontok.

The URL of the payment site located at https://borontok.uk/. When visiting this site, the user will be asked to submit their personal ID.

Once an ID is entered, the user will be presented with a payment page that includes the bitcoin ransom amount, the bitcoin payment address, and the [email protected] email that can be used to contact the developers. In this particular instance, the ransom demand was 20 bitcoins, which is currently equal to approximately $75,000. The developers, though, appear to be willing to negotiate the price.

When examining the source code for the payment site @ (https://borontok.uk/ which has been taken down already.), we noticed the “Vietnamese Hacker” embedded comment. While this could imply that the developer is Vietnamese, this is by no means proof, however, just an FYI. (see image below)

 

B0r0nt0K Ransomware Wants $75,000 Ransom, Infects Linux Servers

 


Related Videos:

Related Links:

How to Fix ERR_TOO_MANY_REDIRECTS on Your WordPress Site

JavaScript Glossary

Build to-do list web-app with code

What is Kodi or XBMC?

Python String Formatting

Learn Modules and Packages in Python programming

Learn Code Introspection Python Programming

Ransomware Attacks Target MSPs to Mass-Infect Customers

Context in Outbound Links for High Ranking SEO

Googles John Mueller on Best Site Structure

Methods of teaching programming

Doomsday Docker security hole uncovered

Coding Resources Recommended by Tech Experts

Privacy commissioner investigating security of patient health records at Alberta Health Services

What’s behind this 1,000-character phishing URL?

GitHub’s and more best FREE guides for Python developers

About Kodi Add-ons

Adding Python Comments

Hello World Android app built with Android Studio

Introduction to JavaScript

Introduction to JavaScript – CONSOLE

Introduction to JavaScript – Control Flow: if/else Statements

College graduates not learning a programming language that’s vital for top tech jobs.

Hackers Have Just Put 620 Million Accounts Up For Sale On The Dark Web — Are You On The List?