A new ransomware called Mole was found by security researcher Brad Duncan while he was analyzing a new SPAM campaign. After examining this sample, I feel that this is probably another variant of the CryptoMix family as it has many similarities to the Revenge and CryptoShield variants.
A new CryptoMix variant called Revenge has been discovered by Broad Analysis that is being distributed via the RIG exploit kit. This variant contains many similarities to its predecessor CryptoShield, which is another CryptoMix variant, but includes some minor changes that are described below.
Lots of small ransomware infections were released this week that will most likely never make it into major circulation. The stories of interest this week are the Avast decryptor for offline CryptoMix infections, Trump Locker, and a new macOS ransomware called Packer.
Today, Avast released a decryptor for CryptoMix victims that were encrypted while in offline mode. Offline mode is when the ransomware runs and encrypts a victim's computer while there is no Internet connection or the computer cannot connect to the ransomware's Command & Control server.
It is another week and more ransomware to alert everyone about. The biggest news this week is the release of Serpent Ransomware, which is a new version of the Wildfire Ransomware, and the continuing rise of Spora as a major player in the ransomware threat landscape.
A new CryptoMix variant called CryptoShield 1.0 Ransomware has been discovered by Proofpoint security researcher Kafeine being distributed via EITest and the RIG exploit kit.