Browsing tag

ransomware

Revenge Ransomware, a CryptoMix Variant, Being Distributed by RIG Exploit Kit

A new CryptoMix, or CryptFile2, variant called Revenge has been discovered by Broad Analysis that is being distributed via the RIG exploit kit. This variant contains many similarities to its predecessor CryptoShield, which is another CryptoMix variant, but includes some minor changes that are described below. As a note, in this article I will be referring to this […]

Hancitor Makes First Appearance in Top Five Most wanted malware – February 2017

Hancitor has entered the top five of the ‘most wanted’ malware families worldwide for the first time, according to the Check Point Threat Intelligence Research Team. Hancitor, also known as Chanitor, is typically sent as a macro-enabled Office document in phishing messages carrying “critical” notices, for example, phone messages, faxes or invoices. Mostly the main 10 malware families […]

New RanRan Ransomware Uses Encryption Tiers, Political Messages

Researchers from Palo Alto Networks have come across a new ransomware family that combines many unique features, such as political statements, public subdomain creation, and encryption tiers. Named RanRan, researchers spotted infections with this threat in only one country in the Middle East. Researchers were drawn to this threat by the political implications for each […]

UEFI Ransomware: Full Disclosure at Black Hat Asia

Last month at the RSA 2017 conference, we ran a live demo of Cylance’s UEFI Ransomware proof of concept at our ‘Hacking Exposed Next-Gen’ talk. In the demo, we targeted a system with an Intel Skylake CPU running Microsoft Windows 10 Enterprise (1607) with all updates installed. We activated all security features including Secure Boot, […]

Ransomware Hits Pennsylvania Senate Democrats

A ransomware infection shut down the computer network of the Pennsylvania Senate Democratic Caucus on Friday morning, officials said in a statement issued to the local press. The infection affected the Caucus’ entire network, including its web server, which went down on Friday and is still down Monday morning, at the time of this article. […]

Two new Mac backdoors discovered

On Valentine’s Day, Mac users got a special “treat” in the form of new malware. Then, later that same week, there were signs of yet another piece of malware looming. These threats were overshadowed a bit by the discovery of the second ransomware app to ever appear on the Mac this week, but they’re still worthy of […]

The Necurs botnet is evolving, now includes a DDoS module

The Necurs botnet is evolving, and recently the experts at BitSight’s Anubis Labs discovered that it was improved to launch DDoS attacks. The Necurs botnet continues to evolve, and recently it was not only used by crooks to spread the dreaded Locky ransomware but was also improved to launch DDoS attacks. According to the researchers BitSight’s […]

Humorous Android ransomware forces victim to speak unlock code

Android malware with an admirable listening quality forces the victim to speak the unlock code. The latest variant of the Android ransomware named Android.Lockdroid.E is a great listener, and it was identified by the Symantec security team. The threat uses speech recognition APIs and requires its victims to speak an unlock code rather than the conventional strategy for […]

New RaaS Portal Preparing to Spread Unlock26 Ransomware

A new Ransomware-as-a-Service (RaaS) portal named Dot-Ransomware is behind the Unlock26 ransomware discovered this past week. First spotted two days ago, this ransomware operation is quite unique as it features a very minimal and direct style, with little-to-no instructions and simple-designed ransom notes and ransom payment portal. Based on two messages left on the […]

Ransomware Now Attacking MySQL Databases

Early this year, specialists warned of a spike in the number of attacks against MongoDB systems, in which criminals asked for the payment of a ransom to return information and help the organization fix the flaw they abused. Similarly to the MongoDB attacks, owners are told to pay 0.2 Bitcoin (approx. $200) to […]

Android ransomware requires victim to speak unlock code

Latest Android.Lockdroid.E variant uses speech recognition instead of typing for unlock code input. Being a good listener is normally considered an admirable quality in a person; however, it isn’t a quality you necessarily want to find in a piece of malware. The latest variant of the Android ransomware threat Android.Lockdroid.E is a great listener. In […]

New macOS Patcher Ransomware Locks Data for Good, No Way to Recover Your Files

A newly discovered ransomware family calling itself Patcher is targeting macOS users, but according to security researchers from ESET, who discovered the ransomware last week, Patcher bungles the encryption process and leaves affected users with no way of recovering their files. Based on the currently available information, the new Patcher ransomware is distributed via torrent […]

Hermes Ransomware Decrypted in Live Video by Emsisoft’s Fabian Wosar

Emsisoft CTO and Malware Researcher Fabian Wosar has stated in the past that he wanted to perform an educational live stream about reversing malware. Today, after GData security researcher Karsten Hahn discovered a new ransomware called Hermes, Fabian decided to use it as the sample for his first live streaming session. The best part of it is that it turns […]

A simulation shows how a ransomware could hack PLCs in a water treatment plant

The security researchers at the Georgia Institute of Technology have simulated a ransomware-based attack on PLCs in a water treatment plant. The security researchers at the Georgia Institute of Technology have conducted interesting research on the potential impact of ransomware on industrial control systems (ICS). The researchers David Formby, a Ph.D. student in the Georgia […]

Ultranationalist Developer Behind SerbRansom Ransomware

An ultranationalist developer from Serbia is behind a series of malware strains, including a new ransomware family named SerbRansom, discovered yesterday by security researcher MalwareHunter. The ransomware itself is not a big threat at the moment, as it doesn’t appear to be part of a mass distribution campaign. Additionally, the quality of its source code […]

DynA-Crypt not only Encrypts Your Files, but Also Steals Your Info

A new ransomware called DynA-Crypt was discovered by GData malware analyst Karsten Hahn that not only encrypts your data, but also tries to steal a ton of information from a victim’s computer. Ransomware and information stealing infections have become all too common, but when you combine the two into the complete mess that DynA-Crypt is, you are just left with a […]

Erebus Ransomware Utilizes a UAC Bypass and Requests a $90 Ransom Payment

A sample of a potentially new ransomware called Erebus has been discovered by MalwareHunterTeam on VirusTotal. I say that this is a potentially new ransomware because TrendMicro had reported that another ransomware using the same name was previously released back in September 2016. Though I do not have a sample of the original Erebus, from its outward characteristics, […]

Android Ransomware Borrows One More Trick from Desktop Counterparts

The infamous Lockdroid ransomware has gained a new feature, a banality among desktop malware, but a never-before-seen trick for Android ransomware. This new feature is the usage of a dropper component that scouts infected devices and then delivers the appropriate ransomware payload, based on the results. “Droppers” have been around for many years now, and […]

Ransomware Incident Shuts Down County’s Government Infrastructure

A ransomware infection that took root late on Tuesday night, January 31, affected several services provided by the local Licking County (Ohio) government infrastructure. The Licking County Commissioner’s Office acknowledged the incident in a series of Facebook posts. According to officials, all government offices have been affected, some indirectly, after IT staff turned off the […]

Ransomware Hacks Hotel Smart Keys to Lock Guests Out of their Rooms

Recently, many guests of a high-priced hotel in Austria were locked in or out of their rooms when ransomware hit the hotel’s IT system, and the hotel had no choice left except paying the attackers. Nowadays, we are living in a digital age that is creating a digital headache for people and […]

Emsisoft Website Hit by DDoS Attack as Company Releases Ransomware Decrypter

In the past week, two security firms, Dr.Web and Emsisoft, suffered DDoS attacks at the hands of cyber-criminals who attempted to bring down their websites as payback for meddling with their illegal activities. The first attack hit Russian security firm Dr.Web, who revealed over the weekend that a DDoS attack hit its Russian and Ukrainian […]