It has been another week of mostly small in-dev ransomware that will never make it to distribution. In other news, Locky continues to send out large spam campaigns as it tries to become a major player again. Otherwise, not much to report, which we are always happy about.
Today, a victim of a new ransomware called Paradise posted in our forums and uploaded a sample so we could take a look at it. While this ransomware is not revolutionary by any means, since it is in active distribution and a Ransomware as a Service (RaaS), I thought I would provide a brief analysis of how this ransomware works.
Several security researchers have spotted a new Ransomware-as-a-Service (RaaS) portal over the weekend that lets anyone generate their own ransomware executable just by filling in three form fields and pressing a button.
Security researchers have finally got their hands on samples of two new strains of Mac malware that have been offered through Malware-as-a-Service (MaaS) portals on the Dark Web for almost two weeks now.
A portal hidden on the Dark Web is responsible for the small deluge of PadCrypt ransomware versions that have been spotted almost on a monthly basis in the past year.
A new Ransomware-as-a-Service has become available on the Dark Web, named FrozrLock, available for only $220, and advertised under the tagline of "great security tool that encrypts most of your files in several minutes."
A new Ransomware-as-a-Service (RaaS) portal is being advertised on an underground hacking forum, primarily used by Russian-speaking criminals.
A new Ransomware-as-a-Service (RaaS) named Karmen is currently being advertised and sold online on an infamous Russian-speaking underground hacking forum.
A ransomware author's plans to launch a RaaS portal were foiled last week after security researchers from Malwarebytes managed to infiltrate the crook's command and control server, hosted on a common shared hosting provider.
A new Ransomware-as-a-Service (RaaS) portal named Dot-Ransomware is behind the Unlock26 ransomware discovered this past week.
Out of the 62 ransomware families found active in 2016, security firm Kaspersky Lab says that 47 of these strains contained artifacts that allowed attribution to Russian-speaking criminals.
A new Ransomware-as-a-Service (RaaS) portal that recently launched on the Dark Web is peddling access to a fully-working ransomware distribution network for extremely low prices.
A new Ransomware as a Service, or RaaS, called Satan has been discovered by security researcher Xylitol. This service allows any wannabe criminal to register an account and create their very own customized version of the Satan Ransomware.
Wow... it has been a really busy week for ransomware. The top stories this week are the rise of Pop Culture Ransomware, as seen by two Pokemon variants and a Mr. Robot variant, and Check Point's Cerber report and short-lived, but useful, decryption service.
Check Point Software, along with IntSights, has released a very detailed report on the Cerber Ransomware and its Ransomware as a Service affiliate system. The revenue generated by the Cerber affiliate system is staggering, with Cerber generating $195,000 in profits for July and the malware developer taking a 40% cut from this total.
A new Ransomware as a Service, or RaaS, called the Shark Ransomware Project has been discovered. The Shark Ransomware Project offers would-be criminals the ability to create their own customized ransomware without needing any technical experience and by simply filling out a form and clicking a button.
This week we have leaked keys, analysis of a new family, 1 new ransomware variant, 3 new ransomware infections, and 1 new ransomware decryptor. It was a big week for the Petya and Mischa devs as they opened their Ransomware as a Service to the public and leaked 3,500 decryption keys for the Chimera Ransomware.
The developers behind the Petya and Mischa Ransomware infections have also released a Ransomware as a Service portal. This service allows malware distributors to earn a revenue share by distributing the Petya ransomware installers.
The Cerber ransomware is a new RaaS that encrypts your data and then demands 1.24 bitcoins to get the data back. This is also the first ransomware that utilizes a VBS script that causes your computer to speak to you about your encrypted files.