What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-12-17 16:02:03 | How to Decrypt the InsaneCrypt or Everbe 1 Family of Ransomware (lien direct) | If you are infected with the InsaneCrypt or Everbe 1.0 family of ransomware infections, a decryptor has been created that recover your files for free. [...] | Ransomware | ||
|
2018-12-16 18:05:01 | (Déjà vu) How to Decrypt HiddenTear Ransomware Variants (lien direct) | If you have been infected with a HiddenTear Ransomware variant, then you are in luck as a program called HiddenTearDecrypter has been created by Michael Gillespie that allows you recover your encryption key without having to pay the ransom. [...] | Ransomware | ||
|
2018-12-16 18:05:01 | (Déjà vu) How to Decrypt HiddenTear Ransomware with HT Brute Forcer (lien direct) | If you have been infected with a HiddenTear Ransomware variant, then you are in luck as a decryptor called HT Brute Forcer has been created by Michael Gillespie that allows you decrypt your files without having to pay the ransom. [...] | Ransomware | ★★★★★ | |
|
2018-12-14 18:31:01 | The Week in Ransomware - December 14th 2018 - Slow Week (lien direct) | It is a pretty slow week as we lead up to the holidays. Historically, ransomware tends to slow down during this time as people go away for vacation and businesses take more time off. [...] | Ransomware Guideline | ★★★★ | |
|
2018-12-14 11:47:00 | 123456 Is the Most Used Password for the 5th Year in a Row (lien direct) | For the 5th year in a row, "123456" is most used password, with "password" coming in at second place. Even in the wake of a constant stream of data breaches, hacks, and ransomware attack reports people continue to utilize weak passwords that not only put their information at jeopardy, but also their organization's data. [...] | Ransomware | ||
|
2018-12-08 14:05:02 | Sextortion Emails now Leading to Ransomware and Info-Stealing Trojans (lien direct) | Sextortion email scams have been a very successful way of generating money for criminals. A new Sextortion campaign is now taking it to the next level by tricking recipients into installing the Azorult information-stealing Trojan, which then downloads and installs the GandCrab ransomware. [...] | Ransomware | ★★★ | |
|
2018-12-07 17:49:01 | The Week in Ransomware - December 7th 2018 - WeChat Ransomware, Scammers, & More (lien direct) | This was a pretty interesting week in ransomware. First we had a Chinese ransomware that infected 100,000 victims and then we had research showing how a ransomware decryption service was just paying the ransom and tacking on a large fee. [...] | Ransomware | ||
|
2018-12-06 13:34:03 | Chinese Police Arrest Dev Behind UNNAMED1989 WeChat Ransomware (lien direct) | Chinese law enforcement have arrested the developer of the UNNAMED1989 / WeChat Ransomware that recently took China by storm and infected over 100K users in a few days. [...] | Ransomware | ||
|
2018-12-05 12:28:05 | Company Pretends to Decrypt Ransomware But Just Pays Ransom (lien direct) | Ransomware is a serious threat but also a lucrative business for crooks and scammers posing as IT professionals promising successful decryption services for the right price. [...] | Ransomware Threat | ★★★★ | |
|
2018-12-05 03:05:00 | Ransomware Infects 100K PCs in China, Demands WeChat Payment (lien direct) | Over 100,000 thousand computers in China have been infected in just a few days with poorly-written ransomware that encrypts local files and steals credentials for multiple Chinese online services. [...] | Ransomware | ||
|
2018-11-30 22:00:04 | The Week in Ransomware - November 30th 2018 - Indictments, Sanctions, & More (lien direct) | Been a pretty interesting week when it comes to ransomware. We had two Iranians who were indicted by the U.S. government for their involvement in the SamSam operation. We also had two bitcoin addresses used by ransomware added to the U.S. sanctions list, so they cannot be used to send payments to or you will violate U.S. sanctions. [...] | Ransomware | ★★★★★ | |
|
2018-11-30 21:07:00 | Moscow\'s New Cable Car System Infected with Ransomware the Day After it Opens (lien direct) | Moscow recently opened its first cable-car service and promised free rides for the first month. Unfortunately, only two days after after the service was made available, attackers reportedly hacked into the cable car systems and infected them with ransomware. [...] | Ransomware | ★★★★ | |
|
2018-11-30 12:02:04 | Making a Ransomware Payment? It May Now Violate U.S. Sanctions (lien direct) | Thinking about making a ransomware payment? If so, you may want to think twice before doing so as it could land you in trouble for violating U.S. government sanctions. [...] | Ransomware | ||
|
2018-11-28 11:39:00 | DOJ Indicts Two Iranian Hackers for SamSam Ransomware Operation (lien direct) | The Department of Justice announced today that a grand jury has unsealed an indictment against two Iranian hackers for conducting the hacking and ransomware operation called SamSam. [...] | Ransomware | ||
|
2018-11-23 19:42:01 | The Week in Ransomware - November 23rd 2018 - STOP, Dharma, and More (lien direct) | This week has mostly been releases of new variants of existing ransomware. Not much of interest other than the developer of the DelphiMorix ransomware trolling ransomware researchers by utilizing their aliases as the extensions for encrypted files. [...] | Ransomware | ||
|
2018-11-22 14:41:01 | Rotexy Mobile Trojan Launches 70k+ Attacks in Three Months (lien direct) | A mobile spyware that turned into a banking trojan with ransomware capabilities managed to launch over 70,000 attacks in the course of just three months. [...] | Ransomware | ||
|
2018-11-22 12:35:03 | Aurora / Zorro Ransomware Actively Being Distributed (lien direct) | A ransomware that has been distributed since the summer of 2018 has started to pick up steam in the latest variant. This new variant is currently being called Zorro Ransomware, but has also been called Aurora Ransomware in the past. [...] | Ransomware | ||
|
2018-11-09 17:38:01 | The Week in Ransomware - November 9th 2018 - Mostly Dharma Variants (lien direct) | It was a very slow week for ransomware news. For the most part, it was mostly new Dharma ransomware variants and a few smaller variants being released. Stay vigilant, though, as a slow week does not mean ransomware is not a threat. [...] | Ransomware | ||
|
2018-11-02 20:02:02 | The Week in Ransomware - November 2nd 2018 - RaaS, DiskCryptor, & More (lien direct) | This week we saw a new RaaS called CommonRansom, a new DiskCryptor variant, and numerous Dharma variant released. Otherwise, it has been a fairly light news week for ransomware. [...] | Ransomware | ||
|
2018-11-02 16:23:00 | New Ransomware using DiskCryptor With Custom Ransom Message (lien direct) | A new ransomware has been discovered that installs DiskCryptor on the infected computer and reboots your computer. On reboot, victims will be greeted with a custom ransom note that explains that their disk has been encrypted and how to pay the ransom. [...] | Ransomware | ★★ | |
|
2018-10-30 12:09:03 | CommonRansom Ransomware Demands RDP Access to Decrypt Files (lien direct) | A new ransomware called CommonRansom was discovered that has a very bizarre request. In order to decrypt a computer after a payment is made, they require the victim to open up Remote Desktop Services on the affected computer and send them admin credentials in order to decrypt the victim's files. [...] | Ransomware | ★★ | |
|
2018-10-26 16:18:04 | The Week in Ransomware - October 26th 2018 - Decryptors, RaaS, and More (lien direct) | We have had quite a bit of interesting news this week regarding ransomware. First we had the Kraken Cryptor deciding to connect to BleepingComputer.com during different stages of the encryption process, then we had a decryptor released by Bitdefender for GandCrab v1, v4, and v5, and finally a new FilesLocker rasnomware as a service. [...] | Ransomware | ||
|
2018-10-25 16:37:03 | New FilesLocker Ransomware Offered as a Ransomware as a Service (lien direct) | A new ransomware called FilesLocker is being distributed as a Ransomware as a Service, or RaaS, that targets Chinese and English speaking victims. [...] | Ransomware | ||
|
2018-10-25 09:04:00 | Free Decrypter Available for the Latest GandCrab Ransomware Versions (lien direct) | A newly released decryption tool allows free recovery of files encrypted by certain versions of GandCrab, a ransomware family that affected hundreds of thousands of people since the beginning of the year. [...] | Ransomware Tool | ||
|
2018-10-21 12:32:03 | Kraken Cryptor Ransomware Connecting to BleepingComputer During Encryption (lien direct) | Over the weekend, the Kraken Cryptor Ransomware released version 2.0.6, which now connects to BleepingComputer during different stages of their encryption process. It is not known what they are trying to achieve by doing this, but it does provide BleepingComputer with insight into the amount of its victims. [...] | Ransomware | ||
|
2018-10-19 14:13:04 | The Week in Ransomware - October 19th 2018 - GandCrab, Birbware, and More (lien direct) | It has been another slow week, with mostly new variants of existing ransomware being released. The biggest news is that the GandCrab Ransomware developers have decided to release the decryption keys for Syrian victims. [...] | Ransomware | ||
|
2018-10-12 18:24:00 | The Week in Ransomware - October 12th 2018 - NotPetya, GandCrab, and More (lien direct) | Lots of Scarab, Matrix, and Dharma variants this week as well as some good writeups on the GandCrab ransomware. Also of interest is ESET publishing of their report that ties NotPetya and Industroyer to the TeleBots Group. [...] | Ransomware | NotPetya | |
|
2018-10-05 19:02:01 | The Week in Ransomware - October 5th 2018 - Restaurant Shutdowns & Exploit Kits (lien direct) | Very very quiet week this. Not much new ransomware to report and only released of well known variants like Matrix, Unlock92, and Dharma ransomware infections. The biggest news was the shut down of numerous restaurants that are part of the Recipe Unlimited group and the Kraken Cryptor ransomware being distributed by the Fallout EK. [...] | Ransomware | ★★★★★ | |
|
2018-10-04 12:59:00 | Fallout Exploit Kit Now Installing the Kraken Cryptor Ransomware (lien direct) | The Fallout Exploit has been distributing the GandCrab Ransomware for the past few weeks, but has now switched its payload to the Kraken Cryptor Ransomware. [...] | Ransomware | ||
|
2018-09-28 17:36:02 | The Week in Ransomware - September 28th 2018 - RDP and gandCrab (lien direct) | During this week, we did not see a large amount of smaller variants released compared to what we have historically seen. This is because ransomware has moved towards large network-wide breaches by variants such SamSam, BitPaymer, and Dharma over publicly exposed remote desktop services. [...] | Ransomware | ||
|
2018-09-26 03:05:00 | GandCrab v5 Ransomware Utilizing the ALPC Task Scheduler Exploit (lien direct) | The GandCrab v5 ransomware has started to use the recently disclosed Task Scheduler ALPC vulnerability to gain System privileges on an infected computer. This vulnerability was recently patched by Microsoft in the September 2018 Patch Tuesday, but many companies may not have installed the patch. [...] | Ransomware Vulnerability | ||
|
2018-09-25 00:05:00 | GandCrab V5 Released With Random Extensions and New HTML Ransom Note (lien direct) | GandCrab v5 has been released with a few noticeable changes. The first change is that the ransomware now uses a random 5 character extension for encrypted files and a new HTML ransom note. [...] | Ransomware | ||
|
2018-09-21 18:50:04 | The Week in Ransomware - September 21st 2018 - Beer, Airports, & Dharma (lien direct) | This has been a busy week. We had a brewery hit, an airport's flight and arrival time displays taken out, and Dharma deciding to release three different variants in one week. The NSA CodeBreaker Challenge was also kicked off today and it has a ransomware theme this year. [...] | Ransomware | ||
|
2018-09-21 17:30:02 | Gamma, Bkp, & Monro Dharma Ransomware Variants Released in One Week (lien direct) | This week we have seen three new Dharma Ransomware variants released that append either the .Gamma, .Bkp, & .Monro extensions to encrypted files. [...] | Ransomware | ||
|
2018-09-21 10:09:03 | Romanian Woman Admits Involvement in Hacking Attack On Washington Police Computers (lien direct) | A Romanian woman admitted on Thursday her participation in a ransomware distribution scheme that ended up disabling computers used by the Washington D.C. police for surveillance. [...] | Ransomware | ★★★★ | |
|
2018-09-18 18:35:05 | Xbash Malware Deletes Databases on Linux, Mines for Coins on Windows (lien direct) | What may very well be considered a cybercriminal's dream tool is now real and it is hunting Windows and Linux servers: a botnet with self-spreading capabilities that combines cryptomining and ransomware functions. [...] | Ransomware Malware Tool | ||
|
2018-09-15 17:50:02 | New Brrr Dharma Ransomware Variant Released (lien direct) | A new variant of the Dharma Ransomware was released this week that appends the .brrr extension to encrypted files. This variant was first discovered by Jakub Kroustek who tweeted a link to the sample on VirusTotal. [...] | Ransomware | ★★★ | |
|
2018-09-14 19:46:04 | The Week in Ransomware - September 14th 2018 - Kraken, Dharma, & Matrix (lien direct) | Was a quiet week for new variants, but a bunch of long-running ransomware infections released new variants this week. We had a few from Scarab, a new Dharma variant, and a new Matrix ransomware variant. [...] | Ransomware | ||
|
2018-09-14 18:11:01 | Fallout Exploit Kit Pushing the SAVEfiles Ransomware (lien direct) | Last week the Fallout Exploit kit was distributing the GandCrab ransomware. This week, it has started to distribute a new ransomware called SAVEfiles, for lack of a better name, through malvertising campaigns. [...] | Ransomware | ★★★★★ | |
|
2018-09-14 13:35:05 | (Déjà vu) Kraken Cryptor Ransomware Masquerading as SuperAntiSpyware Security Program (lien direct) | The Kraken Ransomware is a newer ransomware that was released in August 2018. A new version, called Kraken 1.5, was recently released that is masquerading as the legitimate SuperAntiSpyware anti-malware program in order to trick users into installing it. [...] | Ransomware | ||
|
2018-09-14 13:35:05 | (Déjà vu) Kraken Ransomware Masquerading as SuperAntiSpyware Security Program (lien direct) | The Kraken Ransomware is a newer ransomware that was released in August 2018. A new version, called Kraken 1.5, was recently released that is masquerading as the legitimate SuperAntiSpyware anti-malware program in order to trick users into installing it. [...] | Ransomware | ||
|
2018-09-07 19:28:03 | The Week in Ransomware - September 7th 2018 - Obama, Matrix, and More (lien direct) | It has been a quiet week with just small variants and new variants of existing ones such as Matrix. As much as we would like to see ransomware die off altogether, it is hear to stay. [...] | Ransomware | ||
|
2018-09-06 18:24:03 | New Fallout Exploit Kit Drops GandCrab Ransomware or Redirects to PUPs (lien direct) | A new exploit kit called Fallout is being used to distribute the GandCrab ransomware, malware downloading Trojans, and other potentially unwanted programs (PUPs). [...] | Ransomware Malware | ||
|
2018-09-02 14:16:02 | Barack Obama\'s Blackmail Virus Ransomware Only Encrypts .EXE Files (lien direct) | Every once in a while you come across a really strange malware and such is the case with a new ransomware that only encrypts .EXE files on a computer. It then displays a screen with a picture of President Obama that asks for a "tip" to decrypt the files. [...] | Ransomware Malware | ||
|
2018-08-31 22:01:02 | The Week in Ransomware - August 31st 2018 - Devs on Vacation (lien direct) | Even the ransomware developers seem to be taking a last minute summer vacation as it was only small variants released, with a few being in development. I am hoping this is just a continual decline in new ransomware, but we will not know for sure until we start moving into September. [...] | Ransomware | ||
|
2018-08-31 20:44:00 | CryptoNar Ransomware Discovered and Quickly Decrypted (lien direct) | This week a new CryptoJoker ransomware variant was discovered called CryptoNar that has infected victims. The good news, is that a free decryptor was quickly released so that these victims can get their files back for free. [...] | Ransomware | ||
|
2018-08-20 13:01:00 | Beware of Spam with Fake Invoices Pushing Hermes 2.1 Ransomware and AZORult (lien direct) | A malspam campaign is underway that pretends to be an invoice for an outstanding payment. When these invoices are opened they install the AZORult information stealing Trojan and the Hermes 2.1 Ransomware onto the recipient's computer. [...] | Ransomware Spam | ||
|
2018-08-20 05:20:04 | New Fox Ransomware Matrix Variant Tries Its Best to Close All File Handles (lien direct) | A new variant of the Matrix Ransomware has been discovered that is renaming encrypted files and then appending the .FOX extension to the file name. Of particular interest, this ransomware could have the most exhaustive process of making sure each and every file is not opened and available for encrypting. [...] | Ransomware | ||
|
2018-08-18 03:45:04 | AZORult Trojan Serving Aurora Ransomware by MalActor Oktropys (lien direct) | Towards the end of July 2018, we saw a new version of the AZORult trojan being used in malware campaigns targeting computers globally. In this article, we will dive into the malware and analyze its execution flow and payloads. [...] | Ransomware Malware | ||
|
2018-08-17 16:18:04 | The Week in Ransomware - August 17th 2018 - Princess Evolution & Dharma (lien direct) | The biggest news was the release of the Princess Evolution RaaS and a new variant of the Dharma ransomware utilizing the .cmb extension for encrypted files. Otherwise, it was mostly small variants released that will not likely have many victims. [...] | Ransomware |
To see everything:
Our RSS (filtrered)
