A new Android RAT (Remote Access Trojan) detected under the name of GhostCtrl can lock mobile device by resetting their PIN and display a ransom note to infected victims.
It has been a slow week in terms of new releases, which is always a good thing. Still lots of small crapware being released that will never have much wide distribution. We also have some good news, which is the release of a NemucodAES decryptor by Emsisoft. This allows victims of this ransomware to get their files back for free.
Fabian Wosar of Emsisoft has been able to crack the decryption used by the NemucodAES ransomware so that victims can get their files back for free. This guide will walk you through using the decryptor and provide a brief explanation on the NemucodAES Ransomware.
Australian police have arrested a man from the city of Mackay on allegations of laundering money for the operators of a tech support and ransomware scheme.
Google has removed two apps that contained a new strain of ransomware named LeakerLocker. Discovered by security researchers from McAfee's mobile division, the ransomware didn't encrypt users' files, but only locked their device and threatened to send the user's private data to friends from his contact list.
Been a great week for victims, with decryptors coming out for BTCWare, Cryptomix, Executioner, and the release of the original Petya key. Otherwise, it has been a lot of NotPetya news and numerous smaller variants being released.
The author of the original Petya ransomware — a person/group going by the name of Janus Cybercrime Solutions — has released the master decryption key of all past Petya versions.
Servers and infrastructure belonging to Intellect Service, the company behind the M.E.Doc accounting software, were grossly mismanaged, being left without updates since 2013, and getting backdoored on three separate occasions during the past three months.
Security researcher Michael Gillespie has released a new version of the BTCWare ransomware decrypter after the author of the eponymous ransomware has leaked the private key for his latest version.
A new variant of the CryptoMix Ransomware was released today that uses the Azer extension for encrypted files. This variant also ups its game by including 10 different public RSA encryption keys, compared to the single one that was used in the previous version.
Chinese authorities have arrested two men who have distributed a version of the SLocker Android ransomware that was customized to look like WannaCry, the Windows ransom-worm that spread across the world in the middle of May.
It is always great to be able to announce a free decryptor for victim's who have had their files encrypted by a ransomware. This is the case today, where a decryptor for the Mole02 cryptomix variant was released.
The AV-TEST Security Report 2016/2017 published today is calling ransomware a "marginal phenomenon," highlighting that only 0.94% of all malware deployed in 2016 was a blackmail trojan.
The person or group behind the NotPetya ransomware has made its first move since the outbreak that took place eight days ago.
Ukrainian Police announced today it seized the servers from where the NotPetya ransomware outbreak first started to spread.
On Friday, three cyber-security firms have come forward with reports or statements that link the NotPetya ransomware outbreak to a cyber-espionage group known for a large number of past cyber-attacks, such as the one on Ukraine's power grid in December 2015.
It has been another crazy week when it comes to ransomware due to the NotPetya outbreak. This ransomware/destructive malware played havok all over the world, but especially the Ukraine, when it was unleashed on Tuesday. Other than that, the rest of the ransomware news was basically small variants being developed or released.
Security researcher Elad Erez has created a tool named Eternal Blues that system administrators can use to test if computers on their network are vulnerable to exploitation via NSA's ETERNALBLUE exploit.
The bandwagon of cyber-security firms claiming that NotPetya was meant for destructive purposes is getting more crowded by the day, with three new additions from Cisco Talos, F-Secure, and Malwarebytes.