From new ransomware and WannaCry imitations to decryption keys being released, ransomware developers continue to keep us busy. This article will keep you up-to-date on the latest news and developments in ransomware.
The Matrix Ransomware gears up for higher distribution by using EITest, the Rig Exploit kit, while being able to spread to other computers through malicious shortcuts.
Lots and lots of little crappy ransomware released this week with nothing new or innovative. We do have some interesting Spora stats, a story on the decline of Locky, and of course an updated decryptor by Fabian Wosar who continues to kick ransomware in the buttocks. Other than that, not really anything of significance.
Lots of news this week when it comes to ransomware. We have a Star Trek themed ransomware, new decryptors, lots of new crap ransomware, people modifying Petya for their own ends, and a new CryptoMix variant called Revenge. If you're interested in ransomware, this week has a lot of news.
Another week and a lot more crappy ransomware released. Of particular interest is that Cerber no longer encrypts filenames, Emsisoft released a CryptON decryptor, and lots of really good technical writeups about ransomware.
It is another week and more ransomware to alert everyone about. The biggest news this week is the release of Serpent Ransomware, which is a new version of the Wildfire Ransomware, and the continuing rise of Spora as a major player in the ransomware threat landscape.
The Spora ransomware is slowly making a name for itself as one of the most well-run ransomware operations on the market, with a very well-designed ransom payment portal, some solid customer support, and also efforts to improve the ransomware's reputation among victims.
Yesterday, Brad Duncan, a Threat Intelligence Analyst for Palo Alto Networks Unit 42, wrote a blog article discussing how the EITest Chrome Font Update campaign, which was previously discovered by Kafeine, is now distributing the Spora Ransomware instead.
This week we continue to see lots of little ransomware being developed and new variants of existing ones. The big news is Spora and Sage 2.0 now being distributed by actors that normally distribute Locky and Cerber. This has caused a greater distribution of both of these ransomware infections.
According to data gathered via the ID-Ransomware service, what all of us had predicted is now happening, as the Spora ransomware has started to spread to new territories outside former Soviet states.
The Sage 2.0 Ransomware, which is an updated variant of CryLocker, has been discovered being distributed by one of the same actors who is distributing Locky, Cerber, and Spora. Due to this, there is a good chance of wider distribution of this ransomware. This guide provides information on Sage 2.0 and what to expect from it.
This week we continue to see more ransomware being released as well as changes in the distribution of the larger ransomware infections. For example, Locky has had a very low distribution lately since the holidays, but according to the Cisco Talos Group, it is starting to pick up again.
The ransomware scourge does not want to let up. This week we have seen lots of small infections released, a very professional Spora Ransomware payment site, the continuing relentless attack on MongoDB databases, and a big time ransomware payout. The good news is that we also had a few decryptors released by Emsisoft!
A new ransomware family made its presence felt today, named Spora, the Russian word for "spore." This new ransomware's most notable features are its solid encryption routine, ability to work offline, and a very well put together ransom payment site, the most sophisticated we've seen from ransomware authors as of yet.