Lots and lots of little crappy ransomware released this week with nothing new or innovative. We do have some interesting Spora stats, a story on the decline of Locky, and of course an updated decryptor by Fabian Wosar who continues to kick ransomware in the buttocks. Other than that, not really any of significance.
A remote code execution flaw in the SAP Windows client opens the door for ransomware attacks targeting enterprises that rely on various SAP products to manage and keep track of their business operations.
A new ransomware was discovered today by MalwareHunterTeam called LLTP Ransomware or LLTP Locker that is targeting Spanish speaking victims. On a closer look, this ransomware appears to be a rewritten version of the VenusLocker ransomware.
A new Indiana bill plans to make ransomware attacks a crime on its own punishable with a sentence from one to six years in prison, and a maximum fine of up to $10,000.
Over the past six months, the number of Locky ransomware infections has gone down and is expected to reach an all-time low this month, in March.
Lots of news this week when it comes to ransomware. We have a Star Trek themed ransomware, new decryptors, lots of new crap ransomware, people modifying Petya for their own ends, and a new CryptoMix variant called Revenge. If your interested in ransomware, this week has a lot of news.
Boldly going where no man has gone before, the Kirk Ransomware brings so much nerdy goodness to the table that it could make anyone in IT interested. We have Star Trek, Low Orbital Ion Cannons, a cryptocurrency payment other than Bitcoin, and a decryptor named Spock! Need I say more?
Ransomware operators have changed tactics again, making the job of security vendors harder once more, as they switched to a new method of packing their malware inside NSIS installers.
A new CryptoMix variant called Revenge has been discovered by Broad Analysis that is being distributed via the RIG exploit kit. This variant contains many similarities to its predecessor CryptoShield, which is another CryptoMix variant, but includes some minor changes that are described below.
A ransomware author's plans to launch a RaaS portal were foiled last week after security researchers from Malwarebytes managed to infiltrate the crook's command and control server, hosted on a common shared hosting provider.
A heavily modified, but "unauthorized" version of the Petya ransomware has been seen by Kaspersky researchers used in targeted attacks on a small number of organizations.