What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-02-01 16:17:03 | The Week in Ransomware - February 1st 2019 - LockerGoga, MalSpam, and More (lien direct) | The biggest ransomware news this week is the cyber attack on Altran that was supposedly hit by the LockerGoga Ransomware. In addition, huge malspam campaigns were pushing Troldesh on Russia and GandCrab on Japanese victims. [...] | Ransomware | ||
|
2019-01-30 03:03:00 | New LockerGoga Ransomware Allegedly Used in Altran Attack (lien direct) | Hackers have infected the systems of Altran Technologies with malware that spread through the company network, affecting operations in some European countries. To protect client data and its assets, Altran decided to shut down its network and applications. [...] | Ransomware Malware | ||
|
2019-01-29 18:00:02 | Theoretical Ransomware Attack Could Lead to Global Damages Says Report (lien direct) | According to a speculative cyber risk scenario prepared by Cambridge University for risk management purposes, a ransomware strain that would manage to impact more than 600,000 businesses worldwide within 24 hours would potentially lead to damages of billions not covered by insurers [...] | Ransomware Guideline | ||
|
2019-01-25 15:57:03 | The Week in Ransomware - January 25th 2019 - STOP Won\'t Stop! (lien direct) | This week we see STOP Ransomware becoming the most widespread ransomware targeting consumers and the enterprise that we have seen in a long time. This is due to a constant stream of variants being released, with a large amount of victims being infected through adware bundles promoted through crack sites. [...] | Ransomware | ||
|
2019-01-24 03:30:00 | Beware of Exit Map Spam Pushing GandCrab v5.1 Ransomware (lien direct) | A new malspam campaign pretending to be the current emergency exit map for the recipient's building is being used to install the GandCrab Ransomware. These spam emails contain malicious Word documents that download and install the infection from a remote computer. [...] | Ransomware Spam | ||
|
2019-01-23 06:02:05 | (Déjà vu) New Anatova Ransomware Supports Modules for Extra Functionality (lien direct) | A new ransomware family popped on the radar of analysts, who see it as a serious threat created by skilled authors that can turn it into a multifunctional piece of malware. [...] | Ransomware Threat | ||
|
2019-01-23 06:02:05 | (Déjà vu) New Ransomware Anatova Has Potential for Extended Functionality (lien direct) | A new ransomware family popped on the radar of analysts, who see it as a serious threat created by skilled authors that can turn it into a multifunctional piece of malware. [...] | Ransomware Threat | ||
|
2019-01-21 19:14:03 | New Rumba STOP Ransomware Being Installed by Software Cracks (lien direct) | The STOP ransomware has seen very heavy distribution over the last month using adware installers disguised as cracks. This campaign continues with a new variant released over the past few days that appends the .rumba extension to the names of encrypted files. [...] | Ransomware | ||
|
2019-01-21 17:24:01 | Ransomware Attacks May Soon Require Disclosure in North Carolina (lien direct) | Attorney General Josh Stein and Rep. Jason Saine proposed legislation designed to strengthen the state's identity theft protection legislation, targeting prevention and consumer protection boost in the face of breaches. [...] | Ransomware | ||
|
2019-01-18 16:57:02 | The Week in Ransomware - January 18th 2019 - Devs Back from Vacation (lien direct) | The ransomware developers must be back from vacation as there were a lot of new releases this week. In addition to new variants of existing ransomware such as Dharma, Scarab, Matrix, and more, we also had a few new variants pop up. [...] | Ransomware | ||
|
2019-01-17 17:48:04 | BlackRouter Ransomware Promoted as a RaaS by Iranian Developer (lien direct) | A ransomware called BlackRouter has been discovered being promoted as a Ransomware-as-a-Service on Telegram by an Iranian developer. This same actor previousl distributed another ransomware called Blackheart and promotes other infections such as a RAT. [...] | Ransomware | ★★★ | |
|
2019-01-15 19:12:01 | Djvu Ransomware Spreading New .TRO Variant Through Cracks & Adware Bundles (lien direct) | In December 2018, a new ransomware called Djvu, which could be a variant of STOP, was released that has been heavily promoted through crack downloads & adware bundles. Originally, this ransomware would append a variation of the .djvu string as an extension to encrypted files, but a recent variant has switched to the .tro extension. [...] | Ransomware | ★★★★★ | |
|
2019-01-15 03:25:03 | New Ransomware Bundles PayPal Phishing Into Its Ransom Note (lien direct) | A new in-development ransomware has been discovered that not only encrypts your files, but also tries to steal your PayPal credentials with an included phishing page. [...] | Ransomware | ||
|
2019-01-12 18:04:01 | The Week in Ransomware - January 11th 2019 - Access-as-a-Service (lien direct) | For the most part it has been a slow this week in terms of new ransomware variants being released. On the other hand, there has been quite a bit of interesting information that was released about Ryuk. [...] | Ransomware | ||
|
2019-01-12 16:39:01 | Ryuk Ransomware Partners with TrickBot to Gain Access to Infected Networks (lien direct) | Ryuk has historically been considered a a targeted ransomware where the actors scope out networks in order to gain access and install their ransomware. New research now indicates that the Ryuk actors may be using other malware as an Access-as-a-Service to gain access to networks. [...] | Ransomware Malware | ||
|
2019-01-11 15:55:03 | Del Rio City Hall Forced to Use Paper After Ransomware Attack (lien direct) | The City Hall of Del Rio, Texas was hit by a ransomware attack on the morning of January 10, which led to dozens of computers on the network being turned off and disconnected from the Internet to contain and analyze the malware [...] | Ransomware Malware | ||
|
2019-01-09 10:32:04 | CryptoMix Ransomware Exploits Sick Children to Coerce Payments (lien direct) | With people becoming more aware of ransomware, criminals are coming up with some pretty low life schemes in order to coerce victims into paying ransomware. Such is the case with a CryptoMix ransomware, who pretends to represent a sick children's charity and is asking for a ransom payment as if it was a charitable donation. [...] | Ransomware | ||
|
2019-01-07 10:17:01 | GandCrab Operators Use Vidar Infostealer as a Forerunner (lien direct) | Cybercriminals behind GandCrab have mixed the infostealer Vidar in the distribution process of the ransomware piece, which helps increase their profits by pilfering sensitive information before encrypting the computer files. [...] | Ransomware | ★★★ | |
|
2019-01-04 17:52:03 | The Week in Ransomware - January 4th 2019 - IPMI, FilesLocker, and More (lien direct) | For the past two weeks, we have seen a lot of new variants, decryptors, and Ryuk ransomware outbreaks. Of particular interest is the JungleSec ransomware, which has been hacking into servers via IPMI in order to install the ransomware. [...] | Ransomware | ||
|
2019-01-04 11:35:01 | (Déjà vu) How to Decrypt the Aurora Ransomware with AuroraDecrypter (lien direct) | If you have been infected with a Aurora Ransomware variant, then you are in luck as a program called AuroraDecrypter has been created by Michael Gillespie that allows you recover your encryption key without having to pay the ransom. [...] | Ransomware | ||
|
2019-01-02 14:30:00 | Master Decryption Key Released for FilesLocker Ransomware (lien direct) | On December 29th, a Pastbin post was created that contains the master RSA decryption key for the FilesLocker Ransomware. The release of this key has allowed a decryptor to be created that can recover victim's files for free. [...] | Ransomware | ||
|
2019-01-02 09:19:01 | How to Decrypt the FilesLocker Ransomware with FilesLockerDecrypter (lien direct) | On December 29th, an unknown user released the master RSA decryption key for FilesLocker v1 and v2. This allowed Michael Gillespie to release a decryptor for files encrypted by the FilesLocker Ransomware that have the .[fileslocker@pm.me] extension appended to file names. [...] | Ransomware | ||
|
2018-12-31 09:11:03 | Ryuk Ransomware Involved in Cyberattack Stopping Newspaper Distribution (lien direct) | A cyberattack reportedly bearing the signature of Ryuk ransomware caused disruption over the weekend in printing and delivery of major newspapers in the US from Tribune Publishing and Los Angeles Times. [...] | Ransomware | ||
|
2018-12-26 11:08:04 | JungleSec Ransomware Infects Victims Through IPMI Remote Consoles (lien direct) | A ransomware called JungleSec is infecting victims through insecure IPMI (Intelligent Platform Management Interface) cards since early November. [...] | Ransomware | ||
|
2018-12-21 16:01:05 | (Déjà vu) The Week in Ransomware - December 21st 2018 - No More Ransom (lien direct) | Slow week with ransomware news as we lead up into the holidays. Mostly small variants that won't get much distribution or releases of new variants of older ransomware. [...] | Ransomware Guideline | ||
|
2018-12-21 16:01:05 | (Déjà vu) The Week in Ransomware - December 21st 2018 - No More Ransomware (lien direct) | Slow week with ransomware news as we lead up into the holidays. Mostly small variants that won't get much distribution or releases of new variants of older ransomware. [...] | Ransomware Guideline | ||
|
2018-12-21 10:17:03 | How to Decrypt the Stupid Ransomware Family with StupidDecrypter (lien direct) | Stupid Ransomware is a family of ransomware infections that are typically utilized by less skilled developers and many utilize themes based on movies, pop-culture, or pretend to be law enforcement. This family of ransomware infections are created using an open source project that was posted to GitHub. [...] | Ransomware | ★★ | |
|
2018-12-17 16:02:03 | How to Decrypt the InsaneCrypt or Everbe 1 Family of Ransomware (lien direct) | If you are infected with the InsaneCrypt or Everbe 1.0 family of ransomware infections, a decryptor has been created that recover your files for free. [...] | Ransomware | ||
|
2018-12-16 18:05:01 | (Déjà vu) How to Decrypt HiddenTear Ransomware Variants (lien direct) | If you have been infected with a HiddenTear Ransomware variant, then you are in luck as a program called HiddenTearDecrypter has been created by Michael Gillespie that allows you recover your encryption key without having to pay the ransom. [...] | Ransomware | ||
|
2018-12-16 18:05:01 | (Déjà vu) How to Decrypt HiddenTear Ransomware with HT Brute Forcer (lien direct) | If you have been infected with a HiddenTear Ransomware variant, then you are in luck as a decryptor called HT Brute Forcer has been created by Michael Gillespie that allows you decrypt your files without having to pay the ransom. [...] | Ransomware | ★★★★★ | |
|
2018-12-14 18:31:01 | The Week in Ransomware - December 14th 2018 - Slow Week (lien direct) | It is a pretty slow week as we lead up to the holidays. Historically, ransomware tends to slow down during this time as people go away for vacation and businesses take more time off. [...] | Ransomware Guideline | ★★★★ | |
|
2018-12-14 11:47:00 | 123456 Is the Most Used Password for the 5th Year in a Row (lien direct) | For the 5th year in a row, "123456" is most used password, with "password" coming in at second place. Even in the wake of a constant stream of data breaches, hacks, and ransomware attack reports people continue to utilize weak passwords that not only put their information at jeopardy, but also their organization's data. [...] | Ransomware | ||
|
2018-12-08 14:05:02 | Sextortion Emails now Leading to Ransomware and Info-Stealing Trojans (lien direct) | Sextortion email scams have been a very successful way of generating money for criminals. A new Sextortion campaign is now taking it to the next level by tricking recipients into installing the Azorult information-stealing Trojan, which then downloads and installs the GandCrab ransomware. [...] | Ransomware | ★★★ | |
|
2018-12-07 17:49:01 | The Week in Ransomware - December 7th 2018 - WeChat Ransomware, Scammers, & More (lien direct) | This was a pretty interesting week in ransomware. First we had a Chinese ransomware that infected 100,000 victims and then we had research showing how a ransomware decryption service was just paying the ransom and tacking on a large fee. [...] | Ransomware | ||
|
2018-12-06 13:34:03 | Chinese Police Arrest Dev Behind UNNAMED1989 WeChat Ransomware (lien direct) | Chinese law enforcement have arrested the developer of the UNNAMED1989 / WeChat Ransomware that recently took China by storm and infected over 100K users in a few days. [...] | Ransomware | ||
|
2018-12-05 12:28:05 | Company Pretends to Decrypt Ransomware But Just Pays Ransom (lien direct) | Ransomware is a serious threat but also a lucrative business for crooks and scammers posing as IT professionals promising successful decryption services for the right price. [...] | Ransomware Threat | ★★★★ | |
|
2018-12-05 03:05:00 | Ransomware Infects 100K PCs in China, Demands WeChat Payment (lien direct) | Over 100,000 thousand computers in China have been infected in just a few days with poorly-written ransomware that encrypts local files and steals credentials for multiple Chinese online services. [...] | Ransomware | ||
|
2018-11-30 22:00:04 | The Week in Ransomware - November 30th 2018 - Indictments, Sanctions, & More (lien direct) | Been a pretty interesting week when it comes to ransomware. We had two Iranians who were indicted by the U.S. government for their involvement in the SamSam operation. We also had two bitcoin addresses used by ransomware added to the U.S. sanctions list, so they cannot be used to send payments to or you will violate U.S. sanctions. [...] | Ransomware | ★★★★★ | |
|
2018-11-30 21:07:00 | Moscow\'s New Cable Car System Infected with Ransomware the Day After it Opens (lien direct) | Moscow recently opened its first cable-car service and promised free rides for the first month. Unfortunately, only two days after after the service was made available, attackers reportedly hacked into the cable car systems and infected them with ransomware. [...] | Ransomware | ★★★★ | |
|
2018-11-30 12:02:04 | Making a Ransomware Payment? It May Now Violate U.S. Sanctions (lien direct) | Thinking about making a ransomware payment? If so, you may want to think twice before doing so as it could land you in trouble for violating U.S. government sanctions. [...] | Ransomware | ||
|
2018-11-28 11:39:00 | DOJ Indicts Two Iranian Hackers for SamSam Ransomware Operation (lien direct) | The Department of Justice announced today that a grand jury has unsealed an indictment against two Iranian hackers for conducting the hacking and ransomware operation called SamSam. [...] | Ransomware | ||
|
2018-11-23 19:42:01 | The Week in Ransomware - November 23rd 2018 - STOP, Dharma, and More (lien direct) | This week has mostly been releases of new variants of existing ransomware. Not much of interest other than the developer of the DelphiMorix ransomware trolling ransomware researchers by utilizing their aliases as the extensions for encrypted files. [...] | Ransomware | ||
|
2018-11-22 14:41:01 | Rotexy Mobile Trojan Launches 70k+ Attacks in Three Months (lien direct) | A mobile spyware that turned into a banking trojan with ransomware capabilities managed to launch over 70,000 attacks in the course of just three months. [...] | Ransomware | ||
|
2018-11-22 12:35:03 | Aurora / Zorro Ransomware Actively Being Distributed (lien direct) | A ransomware that has been distributed since the summer of 2018 has started to pick up steam in the latest variant. This new variant is currently being called Zorro Ransomware, but has also been called Aurora Ransomware in the past. [...] | Ransomware | ||
|
2018-11-09 17:38:01 | The Week in Ransomware - November 9th 2018 - Mostly Dharma Variants (lien direct) | It was a very slow week for ransomware news. For the most part, it was mostly new Dharma ransomware variants and a few smaller variants being released. Stay vigilant, though, as a slow week does not mean ransomware is not a threat. [...] | Ransomware | ||
|
2018-11-02 20:02:02 | The Week in Ransomware - November 2nd 2018 - RaaS, DiskCryptor, & More (lien direct) | This week we saw a new RaaS called CommonRansom, a new DiskCryptor variant, and numerous Dharma variant released. Otherwise, it has been a fairly light news week for ransomware. [...] | Ransomware | ||
|
2018-11-02 16:23:00 | New Ransomware using DiskCryptor With Custom Ransom Message (lien direct) | A new ransomware has been discovered that installs DiskCryptor on the infected computer and reboots your computer. On reboot, victims will be greeted with a custom ransom note that explains that their disk has been encrypted and how to pay the ransom. [...] | Ransomware | ★★ | |
|
2018-10-30 12:09:03 | CommonRansom Ransomware Demands RDP Access to Decrypt Files (lien direct) | A new ransomware called CommonRansom was discovered that has a very bizarre request. In order to decrypt a computer after a payment is made, they require the victim to open up Remote Desktop Services on the affected computer and send them admin credentials in order to decrypt the victim's files. [...] | Ransomware | ★★ | |
|
2018-10-26 16:18:04 | The Week in Ransomware - October 26th 2018 - Decryptors, RaaS, and More (lien direct) | We have had quite a bit of interesting news this week regarding ransomware. First we had the Kraken Cryptor deciding to connect to BleepingComputer.com during different stages of the encryption process, then we had a decryptor released by Bitdefender for GandCrab v1, v4, and v5, and finally a new FilesLocker rasnomware as a service. [...] | Ransomware | ||
|
2018-10-25 16:37:03 | New FilesLocker Ransomware Offered as a Ransomware as a Service (lien direct) | A new ransomware called FilesLocker is being distributed as a Ransomware as a Service, or RaaS, that targets Chinese and English speaking victims. [...] | Ransomware |
To see everything:
Our RSS (filtrered)
