Very very quiet week this. Not much new ransomware to report and only released of well known variants like Matrix, Unlock92, and Dharma ransomware infections. The biggest news was the shut down of numerous restaurants that are part of the Recipe Unlimited group and the Kraken Cryptor ransomware being distributed by the Fallout Exploit kit.
Contributors and those who provided new ransomware information and stories this week include: @fwosar, @jorntvdw, @malwrhunterteam, @Seifreed, @PolarToffee, @demonslay335, @LawrenceAbrams, @BleepinComputer, @DanielGallagher, @FourOctets, @hexwaxwing, @struppigel, @malwareforme, @JakubKroustek, and @nao_sec.
Michael Gillespie discovered a new variant of the Matrix Ransomware that appends the .EMAN extension and drops a ransom note named #README_EMAN#.rtf.
Jakub Kroustek found a new CrySiS/Dharma variant that appends the .btc extension and drops ransom notes named Info.hta and FILES ENCRYPTED.txt.
A Canadian company that owns many popular restaurant chains has been told to pay ransom in bitcoin to retrieve data that hackers claim to have stolen.
The Fallout Exploit has been distributing the GandCrab Ransomware for the past few weeks, but has now switched its payload to the Kraken Cryptor Ransomware.
Jakub Kroustek found a new CrySiS/Dharma variant that appends the .bgtx extension and drops ransom notes named Info.hta and FILES ENCRYPTED.txt.