FortiGuard Labs is aware that a new ransomware called “Sugar” is in the wild. Reportedly, Sugar ransomware targets consumers rather than enterprises. The first sample of Sugar ransomware appears to have been discovered in the wild in early November. Sugar ransomware encrypts files on the compromised machine and appends “.emcoded01” file extension to them. Victims are asked to pay ransom to recover the encrypted files.What is Sugar Ransomware?Sugar is a ransomware that is written in Delphi and appeared in the wild in November 2021 at the latest. Once run, Sugar ransomware encrypts files on the compromised machine and appends “.encoded01” file extension to them. The malware then displays a ransom note that asks the victim to visit the attacker’s TOR page to pay the ransom in order to recover the encrypted files. The attacker offers to decrypt up to five files to prove that the encrypted files can be recovered upon ransom is paid.The ransom note displayed by Sugar ransomware looks similar to that of REvil ransomware. Also, the TOR site used by Sugar ransomware has close resemblance with that of Cl0p ransomware. However, there is no evidence to suggest that the Sugar ransomware group is associated with REvil and Cl0p threat actors.How Widespread is Sugar Ransomware?Based on the telemetry data collected by FortiGuard Labs, Sugar ransomware infections likely occurred in Canada, Thailand, the United States, Israel and Lithuania.What is the Status of Coverage?FortiGuard Labs provides the following AV coverage against Sugar ransomware:W32/Filecoder.OJD!tr.ransomW32/PossibleThreat
More Stories
java-latest-openjdk-24.0.1.0.9-1.rolling.el8
FEDORA-EPEL-2025-a2514f7321 Packages in this update: java-latest-openjdk-24.0.1.0.9-1.rolling.el8 Update description: repacked April CPU 2025 Fixed alternatives priority Java-latest-openjdk updated to jdk 24...
pgadmin4-9.2-1.fc41
FEDORA-2025-49d6f62c0e Packages in this update: pgadmin4-9.2-1.fc41 Update description: Update to pgadmin-9.2. Read More
java-latest-openjdk-24.0.1.0.9-1.rolling.el9
FEDORA-EPEL-2025-69dbee5b72 Packages in this update: java-latest-openjdk-24.0.1.0.9-1.rolling.el9 Update description: April 2025 CPU Fixed alternatives priority Java-latest-openjdk updated to jdk 24 Read...
java-latest-openjdk-24.0.1.0.9-1.rolling.el10_0 java-latest-openjdk-portable-24.0.1.0.9-1.rolling.el8
FEDORA-EPEL-2025-eb6bb14364 Packages in this update: java-latest-openjdk-24.0.1.0.9-1.rolling.el10_0 java-latest-openjdk-portable-24.0.1.0.9-1.rolling.el8 Update description: April 2025 CPU First jdk24 for epel10 Read More
java-1.8.0-openjdk-portable-1.8.0.452.b06-2.fc39 java-17-openjdk-portable-17.0.15.0.6-1.fc40
FEDORA-2025-5c15947cd4 Packages in this update: java-17-openjdk-portable-17.0.15.0.6-1.fc40 java-1.8.0-openjdk-portable-1.8.0.452.b06-2.fc39 Update description: April 2025 CPU Read More
java-1.8.0-openjdk-1.8.0.452.b06-1.fc40
FEDORA-2025-b6323169bc Packages in this update: java-1.8.0-openjdk-1.8.0.452.b06-1.fc40 Update description: April 2025 CPU Read More