Last week the Fallout Exploit kit was distributing the GandCrab ransomware. This week, it has started to distribute a new ransomware called SAVEfiles, for lack of a better name, through malvertising campaigns.
The Kraken Ransomware is a newer ransomware that was released in August 2018. A new version, called Kraken 1.5, was recently released that is masquerading as the legitimate SuperAntiSpyware anti-malware program in order to trick users into installing it.
It has been a quiet week with just small variants and new variants of existing ones such as Matrix. As much as we would like to see ransomware die off altogether, it is hear to stay.
Every once in a while you come across a really strange malware and such is the case with a new ransomware that only encrypts .EXE files on a computer. It then displays a screen with a picture of President Obama that asks for a "tip" to decrypt the files.
Even the ransomware developers seem to be taking a last minute summer vacation as it was only small variants released, with a few being in development. I am hoping this is just a continual decline in new ransomware, but we will not know for sure until we start moving into September.
This week a new CryptoJoker ransomware variant was discovered called CryptoNar that has infected victims. The good news, is that a free decryptor was quickly released so that these victims can get their files back for free.
This week we had seen quite a few campaigns that had widespread distribution. These campaigns are either being installed over accessible Remote Desktop Services or malspam. The biggest news is a variant of the Hermes ransomware called Ryuk that has generated over 600k USD for the developers.
A new ransomware strain named Ryuk is making the rounds, and, according to current reports, the group behind it has already made over $640,000 worth of Bitcoin.
A malspam campaign is underway that pretends to be an invoice for an outstanding payment. When these invoices are opened they install the AZORult information stealing Trojan and the Hermes 2.1 Ransomware onto the recipient's computer.
A new variant of the Matrix Ransomware has been discovered that is renaming encrypted files and then appending the .FOX extension to the file name. Of particular interest, this ransomware could have the most exhaustive process of making sure each and every file is not opened and available for encrypting.
Towards the end of July 2018, we saw a new version of the AZORult trojan being used in malware campaigns targeting computers globally. In this article, we will dive into the malware and analyze its execution flow and payloads.
The biggest news was the release of the Princess Evolution RaaS and a new variant of the Dharma ransomware utilizing the .cmb extension for encrypted files. Otherwise, it was mostly small variants released that will not likely have many victims.
A new variant of the Princess Locker ransomware is being distributed called Princess Evolution. Like its predecessor, Princess Evolution is a Ransomware as a Service, or RaaS, that is being promoted on underground criminal forums.
On Monday, a Florida judge sentenced a former Microsoft network engineer to 18 months in prison for his role in helping launder money obtained from victims of the Reveton ransomware.
This was a pretty quiet week with mostly small variants, one new active release, and a large organization getting hit. This article outlines what new ransomware has been released and other ransomware related stories.
According to reports, computers at the PGA have been infected with ransomware. The victims learned they were infected on Tuesday when ransom notes started appearing on their screen.
This week was mostly small variants, but we did have some interesting news. First we had a in-depth look at the SamSam ransomware by Sophos that details the staggering amount of money they are generating and the GandCrab devs trying to get back at AhnLab for creating a GandCrab vaccine
The author of the GandCrab ransomware is a little bit bitter at South Korean security vendor AhnLab after the security firm released a vaccine for the GandCrab ransomware.