The cyber threat team at retail giant Walmart has dissected a new ransomware family dubbed Sugar, which is available to cybercriminals as a ransomware-as-a-service (RaaS).
The Sugar ransomware family is written in Delphi and borrows objects from other ransomware families out there. It was initially spotted in November 2021, but hasn’t been detailed before.
Unlike the most prevalent ransomware families out there, Sugar mainly targets individual computers rather than enterprise networks, but that doesn’t make it less dangerous, especially since it is offered as a RaaS. According to Walmart, one of the most interesting features of Sugar is its crypter. Not only does it employ a modified version of the RC4 encryption, but code from the crypter is being reused in the ransomware itself