The Kangaroo ransomware is the latest ransomware from the developer behind the Apocalypse Ransomware, Fabiansomware, and Esmeralda. What makes this version stand out a bit more is the use of a legal notice as a ransom note that is displayed to all victims before they login to their computer.
Fabian Wosar, Emsisoft security researcher, is facing a moral dilemma like very few security researchers have faced before.
This has been the slowest ransomware week in a long time! Thank you devs for giving me some time to do other things! For this week we have some smaller ransomware releases as well as new updates to existing ransomware. We also have the continuing saga of Fabian smacking the Stampado and Apocalypse devs around with new decryptors.
This week we have 8 stories, new ransomware, scams, taunts, and decryptors. Of particular note is the Fairware Ransomware scam being installed via hacked Linux Redis server. We also have malware developers taunting security researchers, a new Cerber version, and a new ransomware that uploads info about the computer.
Wow... it has been a really busy week for ransomware. The top stories this week are the rise of Pop Culture Ransomware, as seen by two Pokemon variants and a Mr. Robot variant, and Check Point's Cerber report and short-lived, but useful, decryption service.
This was a slow ransomware week in the beginning, but picked up steam towards the end. This week we had 1 new decryptor, 4 new ransomware infections, a new variant of CrytpXXX, and the reemergence of PadCrypt.
This was a big week for ransomware news primarily because the Necurs Botnet returned with a new campaign for the Locky ransomware. This week we also have 5 new ransomware infections, a change in the CryptXXX extension, and to end on a good note, a couple of decryptors.
A new variant of the Apocalypse Ransomware was released that utilizes the VMProtect software protection product. Fabian Wosar, of Emsisoft, was able to able to get the past the VMProtect protection and create a new decryptor for this variant.
This week started slow, but finished with a lot of ransomware infections released towards the end of the week. This week we have 6 new Ransomware infections, 1 new Jigsaw variant, 1 screen locker, and an update to the CryptXXX infection.
A new ransomware called Apocalypse was released that encrypts your data and then appends the .encrypted extension to them. It then requires you to email email@example.com in order to get instructions on how to pay the ransom. For those who have been affected, Fabian Wosar of Emisoft has released a free decryptor.