Browsing tag

ransomware

Bitter Ransomware Operator Shuts Down Service and Deletes Decryption Master Key

Misconfigured server led to Encryptor RaaS’ downfall. After law enforcement seized servers belonging to Encryptor RaaS, a Ransomware-as-a-Service cyber-crime portal, the site’s operators decided to close it down for good over the summer and deleted the master decryption key that would have allowed victims to recover their files. This action from the Encryptor RaaS owner […]

Introducing Her Royal Highness, the Princess Locker Ransomware

Today we bring you Princess Locker; the ransomware only royalty could love. First discovered by Michael Gillespie, Princess Locker encrypts a victim’s data and then demands a hefty ransom amount of 3 bitcoins, or approximately $1,800 USD, to purchase a decryptor. If payment is not made in the specified timeframe, then the ransom payment doubles to […]

MarsJoke Ransomware Mimics CTB-Locker

Ransomware in its various forms continues to make headlines as much for high-profile network disruptions as for the ubiquity of attacks among consumers. We recently noted the non-linear growth of ransomware variants and now a new type has emerged, dubbed MarsJoke. Proofpoint researchers originally spotted the MarsJoke ransomware in late August [1] by trawling through […]

Ransomware is lucrative: Attacker’s profits near $100 million

Hackers are increasingly targeting healthcare institutions with malware because of their poor cyber-security posture, reliance on legacy IT systems, third-party services and the need to access information as soon as possible in order to deliver great patient care. These are the conclusions released in a new report entitled McAfee Labs Threats Report: September 2016. It […]

PSA: DetoxCrypto Ransomware imitating Malwarebytes

Scammers will always try and imitate legitimate tools and services in an effort to trick people into harming their accounts and devices. If it isn’t fake logins, it’s dubious links on social media. If we’re wading knee deep in 419 emails, you can bet another round of tech support scams will be along in a […]

Mamba: The new Full Disk Encryption Ransomware Family Member

A Brazilian infosec research group, Morphus Labs, just discovered a new Full Disk Encryption (FDE) ransomware this week, dubbed Mamba. Mamba, as they named it, uses a disk-level encryption strategy instead of the conventional file-based one. This may be just the beginning of a new era for ransomware. In this article, Renato Marinho (@renato_marinho), […]

Shark Ransomware Rebrands as Atom for a Fresh Start

The Shark Ransomware Project that appeared in July 2016 has rebranded as the Atom Ransomware Affiliate Program, offering an improved service for crooks that want to start a life in cyber-crime. We don’t know why the project rebranded, but there have been several reports from security vendors and various media publications that have broken down […]

The Central Security Treatment Organization Ransomware uses the Cry Extension and Communicates via UDP

A new ransomware that pretends to be from a fake organization called the Central Security Treatment Organization has been discovered by security researcher MalwareHunterTeam. When the Central Security Treatment Organization, or Cry, Ransomware infects a computer, it will encrypt a victim’s files and then append the .cry extension to encrypted files. It will then demand approximately 1.1 bitcoins, or $625 […]

Sundown Is Just a Bunch of Exploits Stolen from Other Exploit Kits

Sundown EK fails to improve market share among fellow EKs. The Sundown exploit kit (EK), which has been trying to fill the void left by the death of the Angler and Nuclear EKs, is nothing more than a collection of copy-pasted exploits, according to Trustwave’s SpiderLabs team. Sundown, first spotted in June 2015, was for a […]

New Alma Locker Ransomware being distributed via the RIG Exploit Kit

A new ransomware called Alma Locker has been discovered by Proofpoint researcher Darien Huss that encrypts a victim’s data and then demands a ransom of 1 bitcoin within five days. There has been a lot of ransomware released lately, but thankfully most of them have been broken implementations or have had suspended command and control servers. Though Alma Locker still […]

Restore access to your PC with Trend Micro Ransomware Screen Unlocker

With so much attention focused on the file encrypting-type ransomware it’s easy to forget the simpler variety, which pops up when your PC boots and won’t allow access to your system until you pay up. Even these basic infections can sometimes be tricky to remove, but Trend Micro offers a couple of tools which may […]

7 Cases When Victims Paid Ransom to stop cyber attacks

These cases include ransomware infection and DDoS attacks! Enjoy! Everyone has been talking about the growing threat of ransomware and non-stop distributed denial-of-service (DDoS) attacks. Previously, DDoS attacks were part timers but with the idea of demanding money through ransomware, there have been several cases of non-stop DDoS attacks forcing users to pay the attackers in order […]

New FSociety Ransomware pays homage to Mr. Robot

Crooks hijack the FSociety brand for a lame ransomware. Fans of the Mr. Robot TV show would be glad to know that real-life crooks are taking inspiration from the TV series, and are now using the FSociety name and logo to develop a ransomware around this brand. Mr. Robot is a USA Network TV show that […]

Scammy-Looking Shark Project Delivers Fully Working Ransomware

New free ransomware project appears online. Hooray!!! Serbian security researcher GrujaRS shared with Softpedia a ransomware project called Shark, freely distributed on the Deep Web, but which appears to be a scam on closer inspection, even if it produces valid and running ransomware payloads. Anyone can download a version of the Shark builder from the […]

Kaspersky Offers Free Anti-Ransomware Tool To Defeat Hackers

Short Bytes: To safeguard small and medium-sized businesses against ransomware attacks, Kaspersky is offering a free anti-ransomware tool. Available for the Windows platform, this tool is compatible with third-party security solutions. The software uses Kaspersky Security Network and System Watcher to keep itself alert and prevent the infection. In the past couple of years, the dangers posed by […]

CryptFile2 Ransomware Returns in High Volume URL Campaigns

Proofpoint researchers originally discovered the CryptFile2 ransomware in March [1]. At the time, it was spreading via exploit kits (EKs); however, beginning on August 3, 2016, we detected the first large-scale email campaign distributing CryptFile2, allowing a degree of targeting not generally possible with EKs. This ongoing campaign appears to be targeting primarily state and […]

Ransomware As A Service Being Offered For $39 On The Dark Net

Hackers who want to make money but don’t want to get involved in the messy business of extracting payment from victims have turned to a malware-as-a-service business model. They write the code and sell subscriptions to the cyber criminals who deploy it in the wild. Crypto ransomware (malware that encrypts files and demands ransom for the decryption […]

Posing as ransomware, Windows malware just deletes victim’s files

Tagged as “Ranscam”, PowerShell and script-based malware is a botched smash-and-grab. There has been a lot of ingenuity poured into creating crypto-ransomware, the money-making malware that has become the scourge of hospitals, businesses, and home users over the past year. But none of that ingenuity applies to Ranscam, a new ransom malware reported by Cisco’s Talos […]

New Alfa, or Alpha, Ransomware from the same devs as Cerber

Security researcher BloodDolly recently discovered a new file encrypter called Alfa Ransomware, or Alpha Ransomware, which is from the developers of Cerber. As BloodDolly is still analyzing this ransomware, not much is known about it at this time. Preliminary reports, though, indicate that files encrypted by Alfa Ransomware are not decryptable. For those […]

Android Nougat prevents ransomware from resetting device passwords

The upcoming version of Android introduces a new condition so the “resetPassword” API cannot be used to reset a device’s password. The change impacts both ransomware and disinfectors. Android.Lockdroid.E variants with new functionality emerged during the last quarter of 2015 as part of the continued Android ransomware evolution. These variants scare victims with a system […]