Subscribe

Attackers Still Using SunCrypt Ransomware To Compromise Organizations

March 29, 2022

SunCrypt ransomware operators are still using the ransomware to compromise organizations. According to Minerva Labs, the gang recently compromised Migros, Switzerland’s largest supermarket.

The malware operators have developed a better version of their strain which offers new capabilities. The capabilities include process termination, stopping services, and wiping the machine clean for ransomware execution.

The process termination feature includes resource-heavy processes that can block the encryption of open data files such as WordPad (documents), SQLWriter (databases), and Outlook (emails).

SunCrypt operators however retained the use of I/O completion ports for faster encryption through process threading.

They also continue to encrypt both local volumes and network shares while maintaining an allowlist for the Windows directory and other items that render a computer inoperable when compromised.

SunCrypt was notoriously known in mid-2020 as one of the pioneers of triple extortion on non-paying victims.

For more information, read the original story in BleepingComputer.

Top Stories

What a year this has been.

Top 10 reflections on information technology developments in 2025

Spotify says it has identified account behind mass scraping claimed by pirate group

Waymo suspends San Francisco robotaxi service after power outage leaves cars blocking roads

Facial recognition becomes mandatory for new mobile accounts in South Korea

Alphabet to buy data centre and energy firm to boost AI capacity

Related Articles

Facial recognition becomes mandatory for new mobile accounts in South Korea

December 23, 2025 South Korea will require facial recognition scans to open new mobile phone accounts. The new rule is more...

Apple ties critical spyware fixes to iOS 26, forcing upgrades on newer iPhones

December 22, 2025 Apple is requiring iPhone users who have not upgraded to iOS 26 to update now after confirming more...

U.S. authorities extradite alleged member of Russian hacktivist groups

December 12, 2025 The United States has extradited a Ukrainian national accused of working with Russian-backed hacktivist groups that targeted more...

Google Gemini bringing AI-powered features to Android Auto

November 24, 2025 Google is rolling out its Gemini artificial intelligence assistant to vehicles equipped with Android Auto, promising a more...

Picture of TND Newsdesk

TND Newsdesk

Picture of TND Newsdesk

TND Newsdesk

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn
Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Follow Us

X-twitter Linkedin-in

Popular categories

Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways.
Subscribe
© 2025 TECHNEWSDAY. All rights reserved.