It has been a very slow week for ransomware, which we are always happy about. While ransomware will never go away completely, as time goes on, more people become educated, and better backup strategies are created, we continue to see ransomware slowly diminishing.

Unfortunately, there is something always ready to fill a vacuum. According to a new report by Kaspersky Labs, miners have been increasing steadily and have become a favorite for malware developers.

Contributors and those who provided new ransomware information and stories this week include: @jorntvdw, @malwrhunterteam, @LawrenceAbrams, @fwosar, @struppigel, @campuscodi, @demonslay335, @malwareforme, @BleepinComputer, @FourOctets, @Seifreed, @PolarToffee, @hexwaxwing, @DanielGallagher@Amigo_A_, @TalosSecurity, @SmugYeti.

June 25th 2018

New Help RotorCrypt variant

Michael Gillespie found a new RotorCrypt variant that does not use an extension, but drops a ransom note named HELP.


June 26th 2018

Thanatos Ransomware Decryptor Released by the Cisco Talos Group

Back in February we wrote about a new ransomware called Thanatos that was encrypting victim's data, but contained flaws that would not allow the authors to decrypt a victims files even if they paid. Thankfully, the Cisco Talos Group was able to find a method to break the encryption routine in order to create a decryptor that allows victims to recover their files for free.

June 27th 2018

One year anniversary of NotPetya attack

Today was the one year anniversary of the NotPetya ransomware attack.


New Aurora Ransomware variant

Michael Gillespie noticed that ID Ransomware has been getting new submissions for a Aurora Ransomware variant with a ransom note of !-GET_MY_FILES-!.txt,

Ransomware and malicious crypto miners in 2016-2018

In a report by Kaspersky Lab:

"This year, however, we came across a huge obstacle in continuing this tradition. We have found that ransomware is rapidly vanishing, and that cryptocurrency mining is starting to take its place."

June 28th 2018

New Scarab Amensia variant

Amigo-A found a new variant of the Scarab Ransomware Amensia strain that uses the extension

June 29th 2018

Blood Jaws ransomware discovered

MalwareHunterTeam found a new ransomware called Blood Jaws.

AnimusLocker Discovered

Karsten Hahn found a new ransomware named AnimusLocker that uses a ransom note of ANIMUS_RESTORE.txt.

ID Ransomware can detect 600 ransom families

Congrats to Michael Gillespie for reaching a milestone for his ID Ransomware site being able to detect 600 ransomware families!

That's it for this week! Hope everyone has a nice weekend!


Related Articles:

Fallout Exploit Kit Pushing the SAVEfiles Ransomware

GandCrab V5 Released With Random Extensions and New HTML Ransom Note

The Week in Ransomware - September 21st 2018 - Beer, Airports, & Dharma

Gamma, Bkp, & Monro Dharma Ransomware Variants Released in One Week

Romanian Woman Admits Involvement in Hacking Attack On Washington Police Computers