Evil Corp, the group responsible for Dridex and BitPaymer, has released their latest ransomware: WastedLocker. This new ransomware variant has been showing up for just over a month, and does not share much in common with its predecessors. WastedLocker is often targeted, focusing on spaces with large amounts of data stored, rather than encrypting common system files. Similar to Dridex, WastedLocker uses the SocGholish fake update framework to distribute the ransomware, although other methods of distribution also appear to be in use. Files encrypted by WastedLocker will have the word wasted in the file extension.



