Browsing tag

ransomware

Locky ransomware on aggressive hunt for victims

Millions of spam emails spread new ransomware variant on the day it first appeared. A new variant of ransomware known as Locky (detected by Symantec as Trojan.Cryptolocker.AF) has been spreading quickly since it first appeared on Tuesday (February 16). The attackers behind Locky have pushed the malware aggressively, using massive spam campaigns and compromised websites. […]

First Time Ever: Ransomware Hits Website and Defaces Homepage

CTB-Locker ransomware spotted on a Linux machine. The website of the British Association for Counseling & Psychotherapy (bacp.co.uk) has been hit by a variant of the CTB-Locker ransomware, The Register reports. This may be the first time that ransomware has actually defaced a website in an attempt to convince its owners to pay up the […]

EDA2 Open-Source Ransomware Code Used in Real-Life Attacks

Another educational open-source ransomware project goes bad. Cyber-crooks have used the open-source code of the EDA2 ransomware to create the Magic ransomware strain, which has been spotted in real-life attacks against users in the past few days. This is the second time this happens, after the open-sourced code of the Hidden Tear ransomware was also […]

LeChiffre, Ransomware Ran Manually

LeChiffre is yet another ransomware that recently has been observed to cause some major damage (in Mumbai – read more here). Not much material about it is available, so we decided to take a look. It is different than most of the ransomware present nowadays. Instead of spreading to users and automatically infecting their machines, […]

Asacub Evolves from Simple Spyware to Full-On Android Banking Trojan

Cyber-crooks secretly develop new Asacub Android malware, deploy it for the first time this Christmas. Over the past six months, security experts from Kaspersky have observed the slow evolution of the Asacub malware from simple spyware that sniffed info about the device to a full-blown cyber-threat capable of collecting banking information, opening a backdoor on infected […]

When URL Shorteners and Ransomware Collide

We are all very familiar with URL shortening services, which are regularly used in Tweets and other social media. It is no secret that cyber criminals also use URL shorteners to aid them in achieving their objectives. URL shorteners are often used by cyber criminals to obfuscate redirects to malicious destinations. Recently, a URL shortening service […]

A Home-made Open Source Ransomware Is Destroying User’s Files

Short Bytes: A home-made ransomware open source code on GitHub, which was supposed to work for the educational purposes, has spread in the wild. It seems that the intention of the maker was something different along the way. Hidden Tear ransomware was open-sourced by a Turkish security group Otku Sen. This ransomware infects users by encrypting their […]

Radamant Ransomware Author Has a Fit When Researcher Cracks His Encryption

Radamant ransomware v1 and v2 are now decryptable. Fabian Wosar, security researcher at Emsisoft, has managed to crack the encryption algorithm for the first two versions of the Radamant Ransomware Kit, and its creator was not happy at all with his actions. The first version of the ransomware which encrypted files with the .RDM extension was […]

Gomasom Ransomware Decrypted, Get Your Files Back for Free

Some lucky users are about to have a merry Christmas. Users that had the bad luck of getting infected with the Gomasom ransomware can now start sending Christmas gifts to Fabian Wosar, security researcher at Emsisoft, who managed to create a tool for decrypting files locked by this ransomware. Compared to other ransomware families, Gomasom is […]

Spike in Malvertising Attacks Via Nuclear EK Pushes Ransomware

We’ve been monitoring a malvertising campaign very closely as it really soared during the past week. The actors involved seem to be the same as the ones behind the self-sufficient Flash malverts/exploits we’ve documented before and reported by security researcher Kafeine (Spartan EK). One single domain (easy-trading.biz) is relaying all traffic to other ‘ad networks’ and ultimately to […]

Infostealers, Exploit Kits & Ransomware, Just Your Typical Malware Campaign

A look inside your typical malware campaign. In an optimal scenario, when you get infected with malware, you think it’s only one virus. Unfortunately, in the real world it’s not so, and security analysts from Heimdal Security have unveiled details about a malware campaign that starts with infostealers, goes through exploit kits, and finishes with computers […]

New Ransomware Exploit Kit Blends with Credential Theft Ability

A new campaign has come to light that spreads the CryptoWall 4.0 (file-encrypting ransomware program) using Angler exploit kit by inserting malicious coding into hacked web pages. This campaign was exposed by Denmark-based IT security firm Heimdal Security that involves installing various malware on the already compromised computer. Initially the notorious data stealer Pony is […]

New ransomware campaign pilfers passwords before encrypting gigabytes of data

Surreptitious attacks often prey on people visiting legitimate sites. A new wave of crypto ransomware is hitting Windows users courtesy of poorly secured websites. Those sites are infected with Angler, the off-the-shelf, hack-by-numbers exploit kit that saves professional criminals the hassle of developing their own attack. The latest round is especially nasty because before encryption, […]

Medical Devices Ransomware Is The Biggest Hacking Threat of 2016

Short Bytes: As we are making progress on the front of online security, the cybercriminals are competing head-to-head to target every device connected to the internet. A similar threat is being predicted to affect the medical devices in the form of ransomware that will send life threats and ask for money. This year we’ve seen an unprecedented […]

Ransomware on Your TV, Get Ready, It’s Coming

A PoC shows the future dangers for smart TV sets. Many cyber-security vendors view ransomware as 2016’s biggest threat, and to help drive this point home, a Symantec security researcher demonstrated how easy it can be to infect smart TVs and how hard it can be to clean the infection afterwards. The researcher did not reveal […]

Adult Apps on Android Might Be Harboring Ransomware, Scareware and SMS Trojans

The trend of using adult-themed Android apps to deliver malware is ramping up, as Zscaler security researchers are warning about two new such threats that have recently appeared on the market, both with low detection rates on virus scanning systems like VirusTotal. Zscaler previously uncovered two similar threats using pornography-themed apps that infected users with […]

CryptInfinite or DecryptorMax Ransomware Decrypted

We have received a lot of reports about a new ransomware that we are calling CryptInfinite based on the Windows Registry key created by this ransomware. Other sites have also been calling this ransomware DecryptorMax due to a hard coded string found inside the ransomware executable. At first glance this ransomware looked secure, but on further inspection by Fabian Wosar of Emsisoft it was […]