This week was for the most part only small variants released. Of particular interest is the release of two CryptoMix variants and a in-development ransomware that is specifically targeting the J.Sterling Morton high school students through a fake student survey.
Mostly small silly variants released this week, but we did have a few interesting stories. The bigger stories include a new variant from Crysis released, a wiper disguised as a ransomware targeting companies in Germany, and hackers using RDP to install the LockCrypt ransomware.
Mostly small variants released this week, but we did have a new ransomware called GIBON that is interesting, and even better, decryptable. The other interesting news is about the ONI ransomware that appears to have be used as a smokescreen or wiper for an extended attack against Japanese companies.
Lots of ransomware in the news this week. Of course the biggest story was the Bad Rabbit outbreak that targeted numerous countries, but mostly Russia and the Ukraine. We also had the Tyrant Ransomware, which was targeting Iranian companies.
This week we had our fair share of smaller variants being distributed or created, but the big news was by far the release of Magniber and the use of the Hermes ransomware as a cover to steal money from a Taiwan bank. With the release of Magniber we also see the downward spiral of Cerber,.
Not much to report this week as we did not have a lot of releases of new variants or updated existing variants. The biggest news was the discovery of the RedBoot bootlocker ransomware and Locky continuing its mass spam campaigns.
The big news this week is a new variant of the Locky ransomware and its distributors continuing to use massive spam campaigns to distribute it. In other news, we had some small variants that will never make it into distribution or are jokes, but have an interesting "twist" to them.
It has been another week of mostly small little in-dev ransomware that will never make it to distribution. In other news, Locky continues to send out large spam campaigns as it tries to become a major player again. Otherwise, not much to report, which we are always happy about.
We have good news for once, which is a really slow week when it comes to ransomware. While we still had our share of smaller ransomware variants being release, overall there was not a lot of activity. The biggest activity is the continued by Locky distributors to become more widespread through the use of a variety of SPAM campaigns.
This week has seen a big push by Locky using numerous distribution campaigns to try and claim a spot with the big boys. Other than the normal releases of small ransomware creations, we also saw the RIG exploit kit pushing the Princess Ransomware.
This week has been dominated by GlobeImposter releases that do not seem to stop. We also have a few CryptoMix variants and smaller ransomware variants. Otherwise, no big news released this week, which is always a good thing.
This week has mostly been about small variants being released, GlobeImposters all over the place, and some new CryptoMix variants. Of particular interest is a self-healing file system called ShieldFS that shows great promise in ransomware protection and some research from Google about how ransomware devs cash out their payments.
Really slow week, which is great. We did have some decryptors and updated decryptors released this week, which is always great. Of particular concern is the increase releasing of new CryptoMix variants. Thankfully, these variants do not seem to be netting to many victims at this time..
It has been another crazy week when it comes to ransomware due to the NotPetya outbreak. This ransomware/destructive malware played havok all over the world, but especially the Ukraine, when it was unleashed on Tuesday. Other than that, the rest of the ransomware news was basically small variants being developed or released.
What a crazy week. The biggest news is that we had a hosting company who actually paid a 1 million dollar (think Dr. Evil) ransomware payment. We then had the return of Locky, which at one point was the preminent ransomware being distributed. Will have to see if it can become king of the hill again.
For the most part, mostly in-development ransomware released this week. No really major ransomware variants released that are much of a threat. The big news, though, is that Kaspersky was able to figure out how to crack the decryption for the Jaff Ransomware and release a free decryptor.
Another week of mostly small ransomware releases. Ultimately, this is a good thing as the vast majority of these are never released. Of biggest note is a macOS RaaS, a new Jaff variant, and the potential for a new ransomware called Spectre.
This has been a week of pure junk ransomware releases and decryptors. As most of these smaller ransomware variants never make it into actual distribution, I call this a win for the good guys. The big news this week is the release of the master decryption key for XData and updated an updated decryptor for Amnesia2.
This week was a busy with lots of little variants discussed below and a new version of the Jaff Ransomware circulating via MALSPAM. The big news is that AES-NI decided to close shop and has starting releasing the master decryption keys so people can get their files back for free.
Was a good week as not a lot of news when it comes to ransomware. Some more in-dev crap and nothing really new this week. The biggest news is that Cerber is now being distributed via MALSPAM that utilizes CVE-2017-0199 in the attached DOC files.