Ukrainian authorities and businesses are on alert after a local security firm reported that another accounting software maker got hacked and its servers were being used to spread malware.
Wow! What a brutal week. This week we have 37 ransomware stories, with 10 of them being on May 1st alone. Most of the new ransomware releases continue to be real crap, but together they add up to a wave of garbage that can do some serious harm.
Lots and lots of little crappy ransomware released this week with nothing new or innovative. We do have some interesting Spora stats, a story on the decline of Locky, and of course an updated decryptor by Fabian Wosar who continues to kick ransomware in the buttocks. Other than that, nothing really of significance.
This week we continue to see lots of little ransomware being developed and new variants of existing ones. The big news is Spora and Sage 2.0 now being distributed by actors that normally distribute Locky and Cerber. This has caused a greater distribution of both of these ransomware infections.
This week we continue to see more ransomware being released as well as changes in the distribution of the larger ransomware infections. For example, Locky has had a very low distribution lately since the holidays, but according to the Cisco Talos Group, it is starting to pick up again.
2017 is here and ransomware continues to pump out at a rapid pace. We have a lot of little variants popping up this week, with a special emphasis on malware devs adopting the FSociety brand name. We also have some new decryptors, a Christmas related ransomware, and plenty of small ransomware infections.
Fabian Wosar of Emsisoft has released a decryptor for version 3 of the Globe Ransomware. This decryptor will decrypt the Globe Ransomware variants that commonly append the .decrypt2017 and .hnumkhotep extensions to encrypted files.
Lots of small ransomware updates with no big news from any major ransomware distributions. The biggest stories this week are the 450k earned by the Samas group, Cerber being distributed as credit card payment notifications, and more associated partners to No More Ransom.
A bunch of small ransomware variants were released, but we did have a new release of the Locky Osiris variant and the interesting Popcorn Time. To me the most interesting story is Popcorn Time as they offer victims the ability to get a free decryption key if they can get two other people infected and have them pay the ransom.
Lots of small ransomware infections / screenlockers this week, but no major infections were discovered. Thankfully, security researchers were able to create a bunch of decryptors and make them available for victims to recover their files. Of particular note was the San Francisco MTA getting hit hard by the HDDCryptor ransomware.
Lots of new ransomware variants, decryptors, and even a few new ransomware. Hidden Tear continues to be a royal PITA, but thankfully most of the crap based off of it is easily decrypted. The big news this week is the appearance of Hades Locker, which is a rebranded version of the Wildfire Ransomware.
With both Pokemon and Mr. Robot based ransomware released this month, integrating pop culture into ransomware is a dominant theme. The new Globe Ransomware is no exception with malware developers basing their ransomware on the popular Purge movies.