• Privacy Policy
  • Advertise
  • Contact Us
  • Login
Egy Economy
Advertisement
  • Egy Economy
  • Economy
    • Local
    • International
  • Stock Markets
    • Stock Exchange
    • Cash
  • Prices
  • Real Estate
  • Tech
  • Tourism
  • More
    • Opinions
    • Success Story
    • Variety
  • العربية
No Result
View All Result
  • Egy Economy
  • Economy
    • Local
    • International
  • Stock Markets
    • Stock Exchange
    • Cash
  • Prices
  • Real Estate
  • Tech
  • Tourism
  • More
    • Opinions
    • Success Story
    • Variety
  • العربية
No Result
View All Result
Egy Economy
No Result
View All Result
Home Tech

Kaspersky explores the evolution of AI-powered ransomware with password-gated capabilities

إيجى إيكونومى by إيجى إيكونومى
3 July، 2025
in Tech
0
Kaspersky explores the evolution of AI-powered ransomware with password-gated capabilities
152
SHARES
1.9k
VIEWS
Share on FacebookShare on Twitter

Kaspersky experts revealed the inner workings of FunkSec — a ransomware group that illustrates the future of mass cybercrime: AI-powered, multifunctional, highly adaptive and operating on volume with ransoms as low as $10,000 to maximize profits.

Kaspersky’s Global Research and Analysis Team (GReAT) constantly monitors the ransomware threat landscape, where attacks continue to rise. According to the company’s latest State of Ransomware report, the share of users affected by ransomware attacks worldwide increased to 0.44% from 2023 to 2024, up by 0.02 percentage points. While this percentage may appear modest compared to other cyber threats, it reflects the fact that attackers typically prioritize high-value targets rather than mass distribution, making each incident potentially devastating. Within this evolving landscape, FunkSec has emerged as a particularly concerning threat.

Active for less than a year since its emergence in late 2024, FunkSec has quickly surpassed many established actors by targeting government, technology, finance and education sectors. What sets FunkSec apart is its sophisticated technical architecture and AI-assisted development. The group packages full-scale encryption and aggressive data exfiltration into a single Rust-based executable, capable of disabling over 50 processes on victim machines and equipped with self-cleanup features to evade defenses. Beyond its core ransomware functionality, FunkSec has expanded its toolkit to include a password generator and a basic DDoS tool — both showing clear signs of code synthesis using large language models (LLMs).

FunkSec’s approach reflects the evolving landscape of mass cybercrime, combining advanced tools and tactics. Kaspersky’s GReAT experts highlight the key features that define their operations:

Password-Controlled Functionality

GReAT experts discovered that FunkSec ransomware features a unique password-based mechanism that controls its operation modes. Without a password, the malware performs basic file encryption, while providing a password activates a more aggressive data exfiltration process in addition to encryption to steal sensitive data.

FunkSec packs full-scale encryption, local exfiltration and self-cleanup into a single Rust binary—without a side-loader or a companion script. That level of consolidation is uncommon and gives affiliates a plug-and-play tool they can deploy almost anywhere.

Use of AI in development

Code analysis shows that FunkSec is actively using generative artificial intelligence to create its tools. Many parts of the code seem to be automatically generated rather than manually written. Signs of this generic placeholder comments (such as “placeholder for actual check”) and technical inconsistencies, like commands for different operating systems that don’t align properly. Additionally, the presence of declared but unused functions—such as modules included upfront but never utilized — reflects how large language models combine multiple code snippets without pruning redundant elements.

“More and more, we see cybercriminals leveraging AI to develop malicious tools. Generative AI lowers barriers and accelerates malware creation, enabling cybercriminals to adapt their tactics faster. By reducing the entry threshold, AI allows even less experienced attackers to quickly develop sophisticated malware at scale,” comments Marc Rivero, Lead Security Researcher at Kaspersky’s GReAT.

High-volume, low-ransom strategy

FunkSec demands unusually low ransom payments, sometimes as little as $10,000, and pairs this with the sale of stolen data at discounted prices to third parties. This strategy appears designed to enable a high volume of attacks, helping the group quickly establish its reputation within the cybercriminal underground. Unlike traditional ransomware groups that seek million-dollar ransoms, FunkSec employs a high-frequency, low-cost model — further underscoring its use of AI to streamline and scale operations.

Expands beyond ransomware

FunkSec has expanded its capabilities beyond the ransomware binary. Its dark leak site (DLS) hosts additional tools, including a Python-based password generator designed to support brute-force and password-spraying attacks, as well as a basic DDoS tool.

Advanced evasion

FunkSec employs advanced evasion techniques to avoid detection and complicate forensic analysis. The ransomware is capable of stopping over 50 processes and services to ensure thorough encryption of targeted files. Additionally, it includes a fallback mechanism to execute certain commands even if the user launching FunkSec lacks sufficient privileges.

Kaspersky’s products detect this threat as HEUR:Trojan-Ransom.Win64.Generic.

To stay protected from ransomware attacks, Kaspersky experts recommend organizations follow these best practices to safeguard from ransomware:

• Enable ransomware protection for all endpoints. There is a free Kaspersky Anti-Ransomware Tool for Business that shields computers and servers from ransomware and other types of malware, prevents exploits and is compatible with already installed security solutions.

• Always keep software updated on all the devices you use to prevent attackers from exploiting vulnerabilities and infiltrating your network.

• Focus your defense strategy on detecting lateral movements and data exfiltration to the internet. Pay special attention to outgoing traffic to detect cybercriminals’ connections to your network. Set up offline backups that intruders cannot tamper with. Make sure you can access them quickly when needed or in an emergency.

• Install anti-APT and EDR solutions, enabling capabilities for advanced threat discovery and detection, investigation and timely remediation of incidents. Provide your SOC team with access to the latest threat intelligence and regularly upskill them with professional training. All of the above is available within Kaspersky Expert Security framework.

• Use the latest Threat Intelligence information to stay aware of the actual Tactics, Techniques, and Procedures (TTPs) used by threat actors.

• To protect the company against a wide range of threats, use solutions from Kaspersky Next product line that provide real-time protection, threat visibility, investigation and response capabilities of EDR and XDR for organizations of any size and industry. Depending on your current needs and available resources, you can choose the most relevant product tier and easily migrate to another one if your cybersecurity requirements are changing.

 

 

Tags: egyeconomyKaspersky

Related Posts

ticipates in FRANEX 2026 to Support Digital Transformation in the Franchise Sector
Tech

ticipates in FRANEX 2026 to Support Digital Transformation in the Franchise Sector

4 July، 2026
Huawei Launches Model-as-a-Service (MaaS) in Egypt to Facilitate Enterprise AI Adoption
Tech

Huawei Launches Model-as-a-Service (MaaS) in Egypt to Facilitate Enterprise AI Adoption

25 June، 2026
Vodafone  Egypt strengthens security for 55 million customers with Company-Wide ISO/IEC 27001 Certification 
Tech

Vodafone Egypt strengthens security for 55 million customers with Company-Wide ISO/IEC 27001 Certification 

23 June، 2026
EFG Hermes Leads Landmark EGP 5.1 Billion Corporate Bond Issuance for EFG Corp-Solutions, the Largest in Egypt’s Debt Capital Market
Tech

EFG Hermes Leads Landmark EGP 5.1 Billion Corporate Bond Issuance for EFG Corp-Solutions, the Largest in Egypt’s Debt Capital Market

4 June، 2026
Eid in Dubai Shop, Scan & Win Rewards Campaign gave away AED 200,000 among 25 Lucky Winners –
Tech

Eid in Dubai Shop, Scan & Win Rewards Campaign gave away AED 200,000 among 25 Lucky Winners –

3 June، 2026
Apple launch  queues turn into Cairo scenes… but this time in front of cardoO
Tech

Apple launch queues turn into Cairo scenes… but this time in front of cardoO

22 May، 2026
ADVERTISEMENT
No Result
View All Result

Recent Posts

  • OPPO Continues Its Expansion in Egypt with the Opening of Its Fifth Branch in Benha  
  • Inception42 and NXT Holding Forge Strategic Partnership to Advance AI Collaboration Across the UAE and Beyond
  • Amr Abol-Enein Named Among Forbes Middle East’s Top 50 Asset Managers for 2026
  • J Communities launches, integrating New Jersey Developments into a unified investment platform
  • Qatar Airways Returns to Farnborough International Airshow 2026
  • Dubai Developments and AEMP Begin a New Chapter in Spark Mall’s Story
  • Standard Chartered partners with BlackRock to launch Asia Pacific multi-asset fund
  • Egyptian Developers to start delivering “Jaya East” project in Shorouk City next August
  • Hyde Park Developments and El Safa Hospitals Launch SAFA MEDI.PLEX to Expand Healthcare Services at Hyde Park New Cairo
  • Infinix Prepares to Launch a New HOT Series Smartphone in Egypt with AI-Powered Features and Enhanced Performance for Summer Adventures
  • PLDG Development completes first phase sales of “Etlala” project and prepares to launch the second one
  • People & Places Signs EGP 1.4 billion Construction Agreement with Redcon Construction for The Med, Ras El Hekma
  • Saudi Arabia set to participate in 2026 UN High-Level Political Forum on Sustainable Development
  • Almarai Delivers Strong Q2 2026 Growth and Resilient Profitability
  • Alliance of “El Etahad Development” with “Summit Development” and “Dynamic Group” launches “BAYAN Compound” project
  • Dubai Development introduces Walk’n project, delivering a new landmark destination in West Cairo
  • ticipates in FRANEX 2026 to Support Digital Transformation in the Franchise Sector
  • Standard Chartered and Circle launch first G-SIB-led integrated access to USDC minting and redemption
  • Response Plus Medical Shares Essential Summer Safety Guide to Help Protect Outdoor Workers in the UAE
  • Sea View Development partners with Absolute Hotel Services – Middle East & Africa to launch, operate U Residences & Hotel Sahl Hasheesh

      Egy Economy

      © 2023 - إيجى إيكونومى.. بوابة إلكترونية متخصصة فى تغطية أخبار البيزنس والاقتصاد فى مصر والعالم العربى.

      روابط هامة

      • Egy Economy
      • Privacy Policy
      • Advertise
      • Contact Us

      تابعنا

      Welcome Back!

      Login to your account below

      Forgotten Password?

      Retrieve your password

      Please enter your username or email address to reset your password.

      Log In
      No Result
      View All Result
      • Egy Economy
      • Economy
        • Local
        • International
      • Stock Markets
        • Stock Exchange
        • Cash
      • Prices
      • Real Estate
      • Tech
      • Tourism
      • More
        • Opinions
        • Success Story
        • Variety
      • العربية

      © 2023 - إيجى إيكونومى.. بوابة إلكترونية متخصصة فى تغطية أخبار البيزنس والاقتصاد فى مصر والعالم العربى.

      -
      00:00
      00:00

      Queue

      Update Required Flash plugin
      -
      00:00
      00:00