A new ransomware called GandCrab was released towards the end of last week that is currently being distributed via exploit kits. GandCrab has some interesting features not seen before in a ransomware, such as being the first to accept the DASH currency and the first to utilize the Namecoin powered .BIT tld.
When you think you've seen it all, malware authors always find a way to impress you. Today's "that's clever!" moment comes courtesy of a criminal group that's been spreading a new version of the Zeus Panda banking trojan since June, this year.
The Matrix Ransomware has started to be distributed through the RIG exploit kit. This article will provide information on what vulnerabilities are being targeted and how to protect yourself.
A malware developer using the pseudonym of Cehceny is currently advertising a new exploit kit on underground hacking forums.
Another major exploit kit (EK) looks like it's heading for the EK graveyard as activity from the RIG EK has fallen to less than 25% of what the exploit kit used to handle three months ago, in March 2017.
The Neutrino exploit kit, a former leader of the exploit kit market, appears to have shut down, with the last activity recorded at the start of April, well over two months ago.
A joint operation between various industry actors has led to tens of thousands of shadow domains being shut down and removed from the infrastructure of the RIG Exploit Kit (RIG EK).
King of copy-paste exploits, the Sundown exploit kit, has been offline since March 8, and this also includes most of its variations, according to security researcher Kaffeine and Jérôme Segura of Malwarebytes.
The Matrix Ransomware gears up for higher distribution by using EITest, the Rig Exploit kit, while being able to spread to other computer through malicious shortcuts.
Security researchers discover a new ransomware being distributed through the RIG exploit kit on Saturday. This ransomware has a strong resemblance to CTB-Locker, but does not appear to be related as it is programmed in Python.
Microsoft has patched a zero-day vulnerability that was used in the massive AdGholas malvertising campaign and later integrated into the Neutrino exploit kit.
Lots of news this week when it comes to ransomware. We have a Star Trek themed ransomware, new decryptors, lots of new crap ransomware, people modifying Petya for their own ends, and a new CryptoMix variant called Revenge. If your interested in ransomware, this week has a lot of news.
A new CryptoMix variant called Revenge has been discovered by Broad Analysis that is being distributed via the RIG exploit kit. This variant contains many similarities to its predecessor CryptoShield, which is another CryptoMix variant, but includes some minor changes that are described below.
Ransomware, ransomware, ransomware. It never seems to end. This week we see lots of little ransomware infections being developer or distributed. The good news is that we also have seen quite a few decryptors released to help those who were infected.
Reports released by different security vendors highlight that spam campaigns grew tremendously in 2016, as exploit kit activity fell after the three major players went down.
A new CryptoMix variant called CryptoShield 1.0 Ransomware has been discovered by ProofPoint security researcher Kafeine being distributed via EITest and the RIG exploit kit.
According to data gathered via the ID-Ransomware service, what all of us had predicted is now happening, as the Spora ransomware has started to spread to new territories outside former Soviet states.
The Sage 2.0 Ransomware, which is an updated variant of CryLocker, has been discovered being distributed by one of the same actors who is distributing Locky, Cerber, and Spora. Due to this there is a good chance of wider distribution of this ransomware. This guide provides information on Sage 2.0 and what to expect from it.
2017 is here and ransomware continues to pump out at a rapid pace. We have a lot of little variants popping up this week, with a special emphasis on malware devs adopting the FSociety brand name. We also have some new decryptors, a Christmas related ransomware, and plenty of small ransomware infections.
A cyber-crime infrastructure known in infosec circles as pseudo-Darkleech has been the source of many ransomware infections during the past year, either by malicious spam attachments or via automated attacks carried out via exploit kits.