A new ransomware called Mole was found by security researcher Brad Duncan while he was analyzing a new SPAM campaign. After examining this sample, I feel that this is probably another variant of the CryptoMix family as it has many similarities to the Revenge and CryptoShield variants.
A new CryptoMix variant called Revenge has been discovered by Broad Analysis that is being distributed via the RIG exploit kit. This variant contains many similarities to its predecessor CryptoShield, which is another CryptoMix variant, but includes some minor changes that are described below.
Lots of small ransomware infections were released this week that will most likely never make it into major circulation. The stories of interest this week are the Avast decryptor for offline CryptoMix infections, Trump Locker, and a new macOS ransomware called Packer.
Today, Avast released a decryptor for CryptoMix victims that were encrypted while in offline mode. Offline mode is when the ransomware runs and encrypts a victim's computer while there is no Internet connection or the computer cannot connect to the ransomware's Command & Control server.
It is another week, with more ransomware to alert everyone about. The biggest news this week is the release of Serpent Ransomware, which is a new version of the Wildfire Ransomware, and the continuing rise of Spora as a major player in the ransomware threat landscape.
A new CryptoMix variant called CryptoShield 1.0 Ransomware has been discovered by Proofpoint security researcher Kafeine and is being distributed via EITest and the RIG exploit kit.