Subscribe

Attackers Still Using SunCrypt Ransomware To Compromise Organizations

March 29, 2022

SunCrypt ransomware operators are still using the ransomware to compromise organizations. According to Minerva Labs, the gang recently compromised Migros, Switzerland’s largest supermarket.

The malware operators have developed a better version of their strain which offers new capabilities. The capabilities include process termination, stopping services, and wiping the machine clean for ransomware execution.

The process termination feature includes resource-heavy processes that can block the encryption of open data files such as WordPad (documents), SQLWriter (databases), and Outlook (emails).

SunCrypt operators however retained the use of I/O completion ports for faster encryption through process threading.

They also continue to encrypt both local volumes and network shares while maintaining an allowlist for the Windows directory and other items that render a computer inoperable when compromised.

SunCrypt was notoriously known in mid-2020 as one of the pioneers of triple extortion on non-paying victims.

For more information, read the original story in BleepingComputer.

Top Stories

Alberta voter data leak exposes millions through political list misuse

Google Gemini now creates downloadable files directly in app

Accenture expands Copilot rollout to 743,000 staff 

Google signs Pentagon AI deal despite internal employee opposition

OpenAI reportedly building AI agent phone to replace app-driven interfaces

China blocks Meta’s $2B AI acquisition, orders deal unwind

Related Articles

70,000 customers may be affected in Canada Life cyber incident

April 27, 2026 Canada Life says it has contained a cybersecurity incident involving unauthorized access to internal applications through an more...

Microsoft’s Recall feature raises new security concerns despite overhaul

April 17, 2026 Microsoft’s Recall feature for Copilot+ PCs is again under scrutiny after a researcher demonstrated a way to more...

Booking.com breach triggers surge in “reservation hijacking” phishing scams

April 17, 2026 Booking.com has confirmed a data breach exposing customer booking details and contact information, prompting warnings about a more...

Anthropic coding tool exposes full source code again after packaging error

April 1, 2026 Anthropic has inadvertently exposed the full source code of its Claude Code tool for the second time more...

Picture of TND Newsdesk

TND Newsdesk

Picture of TND Newsdesk

TND Newsdesk

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn
Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Follow Us

X-twitter Linkedin-in

Popular categories

Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways.
Subscribe
© 2025 TECHNEWSDAY. All rights reserved.