It has been a very slow week for ransomware, which we are always happy about. While ransomware will never go away completely, as time goes on, more people become educated, and better backup strategies are created, we continue to see ransomware slowly diminishing.

Unfortunately, there is something always ready to fill a vacuum. According to a new report by Kaspersky Labs, miners have been increasing steadily and have become a favorite for malware developers.

Contributors and those who provided new ransomware information and stories this week include: @jorntvdw, @malwrhunterteam, @LawrenceAbrams, @fwosar, @struppigel, @campuscodi, @demonslay335, @malwareforme, @BleepinComputer, @FourOctets, @Seifreed, @PolarToffee, @hexwaxwing, @DanielGallagher@Amigo_A_, @TalosSecurity, @SmugYeti.

June 25th 2018

New Help RotorCrypt variant

Michael Gillespie found a new RotorCrypt variant that does not use an extension, but drops a ransom note named HELP.

RotorCrypt

June 26th 2018

Thanatos Ransomware Decryptor Released by the Cisco Talos Group

Back in February we wrote about a new ransomware called Thanatos that was encrypting victim's data, but contained flaws that would not allow the authors to decrypt a victims files even if they paid. Thankfully, the Cisco Talos Group was able to find a method to break the encryption routine in order to create a decryptor that allows victims to recover their files for free.

June 27th 2018

One year anniversary of NotPetya attack

Today was the one year anniversary of the NotPetya ransomware attack.

 

New Aurora Ransomware variant

Michael Gillespie noticed that ID Ransomware has been getting new submissions for a Aurora Ransomware variant with a ransom note of !-GET_MY_FILES-!.txt,

Ransomware and malicious crypto miners in 2016-2018

In a report by Kaspersky Lab:

"This year, however, we came across a huge obstacle in continuing this tradition. We have found that ransomware is rapidly vanishing, and that cryptocurrency mining is starting to take its place."

June 28th 2018

New Scarab Amensia variant

Amigo-A found a new variant of the Scarab Ransomware Amensia strain that uses the extension .ssimpotashka@gmail.com.

June 29th 2018

Blood Jaws ransomware discovered

MalwareHunterTeam found a new ransomware called Blood Jaws.

AnimusLocker Discovered

Karsten Hahn found a new ransomware named AnimusLocker that uses a ransom note of ANIMUS_RESTORE.txt.

ID Ransomware can detect 600 ransom families

Congrats to Michael Gillespie for reaching a milestone for his ID Ransomware site being able to detect 600 ransomware families!

That's it for this week! Hope everyone has a nice weekend!

 

Related Articles:

Thanatos Ransomware Decryptor Released by the Cisco Talos Group

WannaCry Déjà Vu: Petya Ransomware Outbreak Wreaking Havoc Across the Globe

Vaccine, not Killswitch, Found for Petya (NotPetya) Ransomware Outbreak

Vaccine Available for GandCrab Ransomware v4.1.2

King Ouroboros Ransomware Dev Vents to Researchers on Twitter