Browsing category
Gandcrab Ransomware Attack being targeted users via compromised websites and leveraged multiple MySQL vulnerabilities to attack various windows users. Most of the small-medium businesses websites are not aware of new vulnerabilities that released to compromise the websites. Gandcrab Ransomware is wide spreading Ransomware nowadays with newly updated futures under constant development to target various countries. It […]
Newly discovered BlackRouter ransomware propagating thorough Well-known remote desktop tool called AnyDesk along with malicious Payload. AnyDesk is widely used Remote Desktop Tool similar to Teamviewer that capable of bidirectional remote control between different desktop operating systems, including Windows, macOS, Linux and FreeBSD, as well as unidirectional access on Android and iOS. Cybercriminals abusing AnyDesk […]
SamSam Ransomware newly evolved with improved sophisticated capabilities and carefully selected the specific organizations such as hospitals, schools, and government sectors those who most likely to pay the ransom amount to get their data back. Unlike other Ransomware, SamSam trying to exploiting the critical vulnerabilities in target organization network instead of using wide spreading Spam […]
Hackers infiltrated Massachusetts school district Leominster school computer system earlier this month and locked down the computer system asking for $10,000 ransom to be paid. The school paid ransom to unlock computer system from Ransomware Attack on April 20 and systems not yet fully restored. Police Chief Michael Goldman said the school system is lockdown and […]
One of the famous Indian Hacking group called “Kerala Cyber Warriors” compromised Pakistan based Welfare organization website and encrypt the website files using KCW Ransomware. This group of hackers actively attacking over 1000 of Pakistan and Bangladesh based websites such as government websites, airport websites for various motivations. KCW (Kerala Cyber Warriors) Ransomware used to encrypting the website […]
A Brand new ransomware attack widely distributed and infect the users based on their geolocation by checking the infected device IP address. Malware authors designed this ransomware to avoid encrypting files for specific countries such as Russia, Belarus, and Kazakhstan. If the Windows users infected by this Ransomware, it tries to find the device location […]
Authors of the 3 critical Ransomware Family Polski, Vortex, and Flotera has been arrested in Poland and authorities Seized their computer equipment including the Laptop and servers as well as the Private keys. Tomasz T. – a Polish citizen who lives permanently in Belgium (known as Thomas or Armaged0n) responsible for conducting cybercrime such as […]
SamSam Ransomware campaign evolution continues and this time a new variant but there is no difference in the encryption mechanism when compared to old variants. With the new variant some string obfuscation and anti-analysis techniques added to make detection difficult. The SamSam ransomware campaign targetting multiple industries including Government, Healthcare, ICS and also the individuals […]
Now any anyone can become a distributor of newly identified Saturn ransomware through the Ransomware as a Service affiliate program. To become a distributor of ransomware all you need is to signup in the RaaS portal download a copy and distribute it. The Raas portal was detected and analyzed by Bleeping Computer, the Saturn ransomware […]
Researchers discovered a new Ransomware as a service threat available in the Dark web with free of cost without any registration. Instead of distributing the Malware and infect the computer, Malware authors are earning money by selling their malware via Ransomware as a service cybercrime business model. In this case usually, ransomware developer host their […]
Security researchers from Malwarebytes detected Scarab ransomware variant distributed through RDP and used AES algorithm for encryption. The Scarabey variant is written in Delphi and it is identical to Scarab version the only change is the addresses of code and memory data references. The popular version of the Scarab Ransomware distributed by a Necurs botnet […]
A New Spritecoin Ransomware Discovered which is Demanding the Monero Crypto Currency to Decrypt the victim’s files instead of traditional and widely using Ransomware payment Cryptocurrency Bitcoin. A Monero Cryptocurrency has been created in 2014, the current price is $316 USD and it’s widely getting popular in cryptocurrency world. Spritecoin Ransomware also Pretending as a […]
Ransomware is one of the fast Growing threat in the worldwide and its considered as a leader of Global cyber attack in recent days which cause some dangerous issues and loss in many organizations and individuals. Here is the Ransomware Checklist for Attack Response and Mitigation. The ransomware is a turnkey business for some criminals, and victims […]
A Newly discovered Spider Ransomware widely spreading around the world which delivery through decoy Office documents that usually spreading via the malspam campaign. This Spider Ransomware using Email is a medium to spreading across to the victims machine and an email attachment contains bogus office document which actually comes with VB Script agent. In this year, some […]
A new File Encoder Ransomware discovered with new stealthy capabilities that have implemented in VBA macros called qkG Filecoder that are entirely related to blank Word documents Based. qkG Filecoder is the First Ransomware that capable of self Self-Replicating capabilities from one file to another, and unlike other ransomware families, its uses malicious macro code to […]
Necurs bot well known for biggest single malware spam campaigns contains nearly 5 million infected bots, of which one million active each day. In the past, it is responsible for spreading various ransomware like JAFF Ransomware, banking trojan Trickbot now it is distributing Scarab Ransomware. Security researchers from F-Secure, Forcepoint, MalwareHunterTeam and myonlinesecurity spotted Necurs evolving […]
Locky Ransomware has a piece of a history of going silent and growing back all of a sudden.It is evolving again and spreading via Microsoft Office Word documents. A new wave of locky spreading through Office word documents and well as Libra office documents and the attachment looks like below. Security researchers from Avira detected […]
A New ransomware family called “Bad Rabbit” rapidly spreading across the Eastern European countries affecting government and private agencies including Russia, Ukraine, Bulgaria, and Turkey. Bad Rabbit is a previously unknown ransomware family and it is distributing mostly via drive-by attacks using Adobe Flash player and no Exploit were used by this Bad Rabbit ransomware. Drive-by Attacks […]
Dangerous Android Banking Trojan “LOKIBOT” has distributed around the world with sophisticated Ransomware future and demanding around $70 and $100 from compromised victims. Based on the BTC Address that has been used in source code, this Ransomware already infected many victims and earned more than $1.5 Million around the world. It uses Phishing overlay attack with […]
Security researchers from ESET spotted a new Android ransomware DoubleLocker which encrypts all the files on your device and also it changes the device PIN and set to random value. It is the first ever ransomware that misusing Android accessibility services, it can change device’s PIN to prevent users from accessing the device and also […]
The onset of Locky Ransomware campaign was thought to be evolutionary, but around the clock the campaign has grown to be revolutionary. We had been monitoring and sharing Locky campaign updates since last month till date. It was observed that almost 23 million messages were sent in last 24-hour period, making it one of the largest […]