What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-03-28 05:30:00 | UNNAM3D Ransomware Locks Files in Protected Archives, Demands Gift Cards (lien direct) | A new ransomware called Unnam3d R@nsomware is being distributed via email that will move a victim's files into password protected RAR archives. The ransomware then demands a $50 Amazon gift card code in order to get the archive password. [...] | Ransomware | ||
|
2019-03-28 03:14:03 | Ransomware Hits Garage of Canadian Domain Registration Authority (lien direct) | The parking system used by employees of the Canadian Internet Registration Authority (CIRA) went out of service after getting infected with ransomware. [...] | Ransomware | ||
|
2019-03-25 13:05:00 | Emsisoft has Released a Decryptor for the Hacked Ransomware (lien direct) | A decryptor for the Hacked Ransomware was released today by Emsisoft that allows victims to recover their files for free. This ransomware was active in 2017 and targeted English, Turkish, Spanish, and Italian users. [...] | Ransomware | ||
|
2019-03-22 18:41:05 | 70% of Ransomware Attacks Targeted SMBs, BEC Attacks Increased by 130% (lien direct) | Beazley Breach Response (BBR) Services found that 71% of ransomware attacks targeted small businesses, with an average ransom demand of $116,324 and a median of $10,310, after analyzing 3,300 incidents involving its clients in 2018 [...] | Ransomware | ||
|
2019-03-22 16:59:02 | The Week in Ransomware - March 22nd 2019 - LOCKERGOGA! (lien direct) | This week has been dominated by the news of aluminum producer Norsk Hydro being crippled by the LockerGoga Ransomware. Since then, it has been constant news coverage regarding the ransomware and more in-depth analysis. [...] | Ransomware | ||
|
2019-03-21 06:01:00 | Fake CDC Emails Warning of Flu Pandemic Push Ransomware (lien direct) | A new malspam campaign is being conducted that is pretending to be from the Centers for Disease Control and Prevention (CDC) about a new Flu pandemic. Attached to the emails are a malicious attachment that when opened will install the GandCrab v5.2 Ransomware on the target's computer. [...] | Ransomware | ||
|
2019-03-15 17:19:05 | The Week in Ransomware - March 15th 2019 - STOP, Decryptors, and More (lien direct) | This week we have seen a new decryptor released by both Emsisoft and Avast for the BigBobRoss ransomware. We also saw a lot of new variants released for existing ransomware, expecially the STOP Ransomware. [...] | Ransomware | ||
|
2019-03-12 04:30:04 | Yatron Ransomware Plans to Spread Using EternalBlue NSA Exploits (lien direct) | A new Ransomware-as-a-Service called Yatron is being promoted on Twitter that plans on using the EternalBlue and DoublePulsar exploits to spread to other computer on a network. This ransomware will also attempt to delete encrypted files if a payment has not been made in 72 hours. [...] | Ransomware | ||
|
2019-03-10 17:30:03 | STOP Ransomware Installing Password Stealing Trojans on Victims (lien direct) | In addition to encrypting a victim's files, the STOP ransomware family has also started to install the Azorult password-stealing Trojan on victim's computer to steal account credentials, cryptocurrency wallets, desktop files, and more. [...] | Ransomware | ||
|
2019-03-09 13:20:03 | Ransomware Attack on Jackson County Gets Cybercriminals $400,000 (lien direct) | A ransomware attack hit the computers of Jackson County, Georgia, reducing government activity to a crawl until officials decided to pay cybercriminals $400,000 in exchange for the file decryption key. [...] | Ransomware | ||
|
2019-03-08 15:33:03 | The Week in Ransomware - March 8th 2019 - OpJerusalem, Jokeroo, and More (lien direct) | This week we had some interesting stories, with the two biggest being an alleged new Ransomware-as-a-Service called Jokeroo and the #OpJerusalem attack conducted against Israeli sites. [...] | Ransomware | ||
|
2019-03-05 04:30:00 | CryptoMix Clop Ransomware Says It\'s Targeting Networks, Not Computers (lien direct) | A new CryptoMix Ransomware variant has been discovered that appends the .CLOP or .CIOP extension to encrypted files. Of particular interest, is that this variant is now indicating that the attackers are targeting entire networks rather than individual computers. [...] | Ransomware | ★★★ | |
|
2019-03-04 16:48:02 | #OpJerusalem Targeted Israeli Windows Users with JCry Ransomware (lien direct) | Over the weekend, hundreds of popular Israeli sites were targeted by an attack called #OpJerusalem whose goal was to infect Windows users with the JCry ransomware. Thankfully, a mistake in the attacker's code caused the page to show a defacement rather than causing the ransomware to be distributed. [...] | Ransomware | ||
|
2019-03-02 13:56:03 | Ransomware Pretends to Be Proton Security Team Securing Data From Hackers (lien direct) | A recent variant of the GarrantyDecrypt ransomware has been found that pretends to be from the security team for Proton Technologies, the company behind ProtonMail and ProtonVPN. [...] | Ransomware | ||
|
2019-03-01 18:45:01 | The Week in Ransomware - March 1st 2019 - Cr1ptT0r, B0r0nt0K, and More (lien direct) | Over the past two weeks, there has been some interesting ransomware news regarding a new GandCrab decryptor and two new ransomware infections. [...] | Ransomware | ||
|
2019-02-24 15:02:01 | B0r0nt0K Ransomware Wants $75,000 Ransom, Infects Linux Servers (lien direct) | A new ransomware called B0r0nt0K is encrypting victim's web sites and demanding a 20 bitcoin, or approximately $75,000, ransom. This ransomware is known to infect Linux servers, but may also be able to encrypt users running Windows. [...] | Ransomware | ||
|
2019-02-22 06:18:05 | (Déjà vu) Cr1ptT0r Ransomware Infects D-Link NAS Devices, Targets Embedded Systems (lien direct) | A new ransomware called Cr1ptT0r built for embedded systems targets network attached storage (NAS) equipment exposed to the internet to encrypt data available on it. [...] | Ransomware | ||
|
2019-02-22 06:18:05 | (Déjà vu) Cr1ptT0r Ransomware Targets Embedded Systems, Infects D-Link NAS Gear (lien direct) | A new ransomware called Cr1ptT0r built for embedded systems targets network attached storage (NAS) equipment exposed to the internet to encrypt data available on it. [...] | Ransomware | ||
|
2019-02-21 06:39:01 | GandCrab Ransomware Affiliates Continue to Push Decryptable Versions (lien direct) | GandCrab Ransomware affiliates are doing their victims a favor by screwing up and distributing a version of the ransomware that can be decrypted for free. [...] | Ransomware | ||
|
2019-02-20 13:13:03 | Formjacking Surpasses Ransomware and Cryptojacking as Top Threat of 2018 (lien direct) | A new year in review report from Symantec shows that formjacking accompanied by supply chain attacks were the fastest growing threats of 2018, while living-off-the-land (LotL) attacks saw a large boost in adoption from threat actors, with PowerShell scripts usage, for example, seeing a formidable 1000% increase. [...] | Ransomware Threat | ||
|
2019-02-16 10:30:04 | The Week in Ransomware - February 15th 2019 - Attack on MSPs (lien direct) | It has been a really dead week with ransomware, which we are always happy to see. Not much new variants released, other than the standard ones such as Matrix and Dharma. The biggest news this week has been GandCrab affiliates targeting vulnerabilities in MSP software that allows them to infect all the clients they manage. [...] | Ransomware | ||
|
2019-02-14 11:53:01 | Ransomware Attacks Target MSPs to Mass-Infect Customers (lien direct) | Ransomware distributors have started to target managed service providers (MSPs) in order to mass-infect all of their clients in a single attack. Recent reports indicate that multiple MSPs have been hacked recently, which has led to hundreds, if not thousands, of clients being infected with the GandCrab Ransomware. [...] | Ransomware | ||
|
2019-02-08 15:35:00 | The Week in Ransomware - February 8th 2019 - Shady Data Recovery Companies (lien direct) | This week was mostly filled with new variants of existing ransomware such as STOP, Dharma, and Jigsaw ransomware. We did though have some interesting news, such as a ransomware downloader being created from the pixels of images and shady data recovery companies partnering with GandCrab to make extra profits. [...] | Ransomware | ||
|
2019-02-08 13:14:01 | Mail Attachment Builds Ransomware Downloader from Super Mario Image (lien direct) | A malicious spreadsheet has been discovered that builds a PowerShell command from individual pixels in a downloaded image of Mario from Super Mario Bros. When executed, this command will download and install malware such as the GandCrab Ransomware and other malware. [...] | Ransomware | ||
|
2019-02-01 16:17:03 | The Week in Ransomware - February 1st 2019 - LockerGoga, MalSpam, and More (lien direct) | The biggest ransomware news this week is the cyber attack on Altran that was supposedly hit by the LockerGoga Ransomware. In addition, huge malspam campaigns were pushing Troldesh on Russia and GandCrab on Japanese victims. [...] | Ransomware | ||
|
2019-01-30 03:03:00 | New LockerGoga Ransomware Allegedly Used in Altran Attack (lien direct) | Hackers have infected the systems of Altran Technologies with malware that spread through the company network, affecting operations in some European countries. To protect client data and its assets, Altran decided to shut down its network and applications. [...] | Ransomware Malware | ||
|
2019-01-29 18:00:02 | Theoretical Ransomware Attack Could Lead to Global Damages Says Report (lien direct) | According to a speculative cyber risk scenario prepared by Cambridge University for risk management purposes, a ransomware strain that would manage to impact more than 600,000 businesses worldwide within 24 hours would potentially lead to damages of billions not covered by insurers [...] | Ransomware Guideline | ||
|
2019-01-25 15:57:03 | The Week in Ransomware - January 25th 2019 - STOP Won\'t Stop! (lien direct) | This week we see STOP Ransomware becoming the most widespread ransomware targeting consumers and the enterprise that we have seen in a long time. This is due to a constant stream of variants being released, with a large amount of victims being infected through adware bundles promoted through crack sites. [...] | Ransomware | ||
|
2019-01-24 03:30:00 | Beware of Exit Map Spam Pushing GandCrab v5.1 Ransomware (lien direct) | A new malspam campaign pretending to be the current emergency exit map for the recipient's building is being used to install the GandCrab Ransomware. These spam emails contain malicious Word documents that download and install the infection from a remote computer. [...] | Ransomware Spam | ||
|
2019-01-23 06:02:05 | (Déjà vu) New Anatova Ransomware Supports Modules for Extra Functionality (lien direct) | A new ransomware family popped on the radar of analysts, who see it as a serious threat created by skilled authors that can turn it into a multifunctional piece of malware. [...] | Ransomware Threat | ||
|
2019-01-23 06:02:05 | (Déjà vu) New Ransomware Anatova Has Potential for Extended Functionality (lien direct) | A new ransomware family popped on the radar of analysts, who see it as a serious threat created by skilled authors that can turn it into a multifunctional piece of malware. [...] | Ransomware Threat | ||
|
2019-01-21 19:14:03 | New Rumba STOP Ransomware Being Installed by Software Cracks (lien direct) | The STOP ransomware has seen very heavy distribution over the last month using adware installers disguised as cracks. This campaign continues with a new variant released over the past few days that appends the .rumba extension to the names of encrypted files. [...] | Ransomware | ||
|
2019-01-21 17:24:01 | Ransomware Attacks May Soon Require Disclosure in North Carolina (lien direct) | Attorney General Josh Stein and Rep. Jason Saine proposed legislation designed to strengthen the state's identity theft protection legislation, targeting prevention and consumer protection boost in the face of breaches. [...] | Ransomware | ||
|
2019-01-18 16:57:02 | The Week in Ransomware - January 18th 2019 - Devs Back from Vacation (lien direct) | The ransomware developers must be back from vacation as there were a lot of new releases this week. In addition to new variants of existing ransomware such as Dharma, Scarab, Matrix, and more, we also had a few new variants pop up. [...] | Ransomware | ||
|
2019-01-17 17:48:04 | BlackRouter Ransomware Promoted as a RaaS by Iranian Developer (lien direct) | A ransomware called BlackRouter has been discovered being promoted as a Ransomware-as-a-Service on Telegram by an Iranian developer. This same actor previousl distributed another ransomware called Blackheart and promotes other infections such as a RAT. [...] | Ransomware | ★★★ | |
|
2019-01-15 19:12:01 | Djvu Ransomware Spreading New .TRO Variant Through Cracks & Adware Bundles (lien direct) | In December 2018, a new ransomware called Djvu, which could be a variant of STOP, was released that has been heavily promoted through crack downloads & adware bundles. Originally, this ransomware would append a variation of the .djvu string as an extension to encrypted files, but a recent variant has switched to the .tro extension. [...] | Ransomware | ★★★★★ | |
|
2019-01-15 03:25:03 | New Ransomware Bundles PayPal Phishing Into Its Ransom Note (lien direct) | A new in-development ransomware has been discovered that not only encrypts your files, but also tries to steal your PayPal credentials with an included phishing page. [...] | Ransomware | ||
|
2019-01-12 18:04:01 | The Week in Ransomware - January 11th 2019 - Access-as-a-Service (lien direct) | For the most part it has been a slow this week in terms of new ransomware variants being released. On the other hand, there has been quite a bit of interesting information that was released about Ryuk. [...] | Ransomware | ||
|
2019-01-12 16:39:01 | Ryuk Ransomware Partners with TrickBot to Gain Access to Infected Networks (lien direct) | Ryuk has historically been considered a a targeted ransomware where the actors scope out networks in order to gain access and install their ransomware. New research now indicates that the Ryuk actors may be using other malware as an Access-as-a-Service to gain access to networks. [...] | Ransomware Malware | ||
|
2019-01-11 15:55:03 | Del Rio City Hall Forced to Use Paper After Ransomware Attack (lien direct) | The City Hall of Del Rio, Texas was hit by a ransomware attack on the morning of January 10, which led to dozens of computers on the network being turned off and disconnected from the Internet to contain and analyze the malware [...] | Ransomware Malware | ||
|
2019-01-09 10:32:04 | CryptoMix Ransomware Exploits Sick Children to Coerce Payments (lien direct) | With people becoming more aware of ransomware, criminals are coming up with some pretty low life schemes in order to coerce victims into paying ransomware. Such is the case with a CryptoMix ransomware, who pretends to represent a sick children's charity and is asking for a ransom payment as if it was a charitable donation. [...] | Ransomware | ||
|
2019-01-07 10:17:01 | GandCrab Operators Use Vidar Infostealer as a Forerunner (lien direct) | Cybercriminals behind GandCrab have mixed the infostealer Vidar in the distribution process of the ransomware piece, which helps increase their profits by pilfering sensitive information before encrypting the computer files. [...] | Ransomware | ★★★ | |
|
2019-01-04 17:52:03 | The Week in Ransomware - January 4th 2019 - IPMI, FilesLocker, and More (lien direct) | For the past two weeks, we have seen a lot of new variants, decryptors, and Ryuk ransomware outbreaks. Of particular interest is the JungleSec ransomware, which has been hacking into servers via IPMI in order to install the ransomware. [...] | Ransomware | ||
|
2019-01-04 11:35:01 | (Déjà vu) How to Decrypt the Aurora Ransomware with AuroraDecrypter (lien direct) | If you have been infected with a Aurora Ransomware variant, then you are in luck as a program called AuroraDecrypter has been created by Michael Gillespie that allows you recover your encryption key without having to pay the ransom. [...] | Ransomware | ||
|
2019-01-02 14:30:00 | Master Decryption Key Released for FilesLocker Ransomware (lien direct) | On December 29th, a Pastbin post was created that contains the master RSA decryption key for the FilesLocker Ransomware. The release of this key has allowed a decryptor to be created that can recover victim's files for free. [...] | Ransomware | ||
|
2019-01-02 09:19:01 | How to Decrypt the FilesLocker Ransomware with FilesLockerDecrypter (lien direct) | On December 29th, an unknown user released the master RSA decryption key for FilesLocker v1 and v2. This allowed Michael Gillespie to release a decryptor for files encrypted by the FilesLocker Ransomware that have the .[fileslocker@pm.me] extension appended to file names. [...] | Ransomware | ||
|
2018-12-31 09:11:03 | Ryuk Ransomware Involved in Cyberattack Stopping Newspaper Distribution (lien direct) | A cyberattack reportedly bearing the signature of Ryuk ransomware caused disruption over the weekend in printing and delivery of major newspapers in the US from Tribune Publishing and Los Angeles Times. [...] | Ransomware | ||
|
2018-12-26 11:08:04 | JungleSec Ransomware Infects Victims Through IPMI Remote Consoles (lien direct) | A ransomware called JungleSec is infecting victims through insecure IPMI (Intelligent Platform Management Interface) cards since early November. [...] | Ransomware | ||
|
2018-12-21 16:01:05 | (Déjà vu) The Week in Ransomware - December 21st 2018 - No More Ransom (lien direct) | Slow week with ransomware news as we lead up into the holidays. Mostly small variants that won't get much distribution or releases of new variants of older ransomware. [...] | Ransomware Guideline | ||
|
2018-12-21 16:01:05 | (Déjà vu) The Week in Ransomware - December 21st 2018 - No More Ransomware (lien direct) | Slow week with ransomware news as we lead up into the holidays. Mostly small variants that won't get much distribution or releases of new variants of older ransomware. [...] | Ransomware Guideline |
To see everything:
Our RSS (filtrered)
