ransomware

Pierluigi Paganini June 15, 2017
Victims of Jaff Ransomware now can decrypt their locked files for free thanks to Kaspersky

Victims of the Jaff ransomware can use an updated version of Kaspersky Lab’s RakhniDecryptor tool to decrypt their encrypted files. Security researchers at Kaspersky Lab have discovered a weakness in the Jaff ransomware that allowed the researchers to create decryption keys to unlock files encrypted by the malware. Once the victims were infected by the Jaff […]

Pierluigi Paganini June 12, 2017
MacRansom: The first Mac ransomware offered as a RaaS Service

Malware researchers at security firm Fortinet have spotted MacRansom, the first Mac ransomware offered as a RaaS service. Malware researchers at security firm Fortinet have spotted a new strain of ransomware dubbed MacRansom that targets Mac machines. The malware is available under a Ransomware-as-a-Service (RaaS) model through a hidden service in the Tor network. Experts believe […]

Pierluigi Paganini May 08, 2017
Fatboy Ransomware as a Service sets the ransom based on the victims’ location

The recently discovered Fatboy ransomware implements a dynamic method of setting the ransom amount based on the geographic location of the victims. Ransomware continues to monopolize the threat landscape; recently, security experts have observed numerous evolutions of this specific family of malware. A newly discovered ransomware-as-a-service (RaaS), dubbed Fatboy, implements a dynamic method of setting the […]

Pierluigi Paganini April 18, 2017
Karmen Ransomware, a cheap RaaS service that implements anti-analysis features

Experts at Recorded Future have discovered a cheap RaaS, the Karmen Ransomware, that deletes the decryptor if it detects a sandbox. Security experts from threat intelligence firm Recorded Future have spotted a new ransomware as a service (RaaS) called Karmen. The service allows customers to easily create their ransomware campaign in a few steps and without specific skills. Wannabe-crooks […]

Pierluigi Paganini April 18, 2017
Who is offering the CradleCore Ransomware as source code?

CradleCore ransomware is malware offered in the underground as source code, instead of through the classic ransomware-as-a-service (RaaS) model. According to the experts at Forcepoint, the author is offering the malware in many Tor-based crime forums as source code, allowing crooks to request a customized version of the code. The CradleCore ransomware is offered by the author as a […]

Pierluigi Paganini April 07, 2017
Apache Struts 2 vulnerability exploited to deliver the Cerber ransomware

Cyber criminals exploited the recently patched Apache Struts 2 vulnerability CVE-2017-5638 in the wild to deliver the Cerber ransomware. A recently patched Apache Struts 2 vulnerability, tracked as CVE-2017-5638, has been exploited by crooks in the wild to deliver the Cerber ransomware. The remote code execution vulnerability affected the Jakarta-based file upload Multipart parser under Apache […]

Pierluigi Paganini March 20, 2017
Kirk ransomware – A Star Trek Themed Ransomware that requests Monero payments

The researchers have discovered a new piece of ransomware featuring a Star Trek theme, dubbed Kirk ransomware, the first one accepting Monero payments. Ransomware continues to be one of the most profitable cyber threats; for this reason, every week we see new strains of malware in the wild. The researchers have discovered a new piece […]

Pierluigi Paganini March 15, 2017
Mac users enjoy, FindZip macOS Ransomware decryption tool is available online for free

Great news for macOS users who were infected by the FindZip macOS ransomware: Avast released a decryption tool for free. Good news for macOS users who were infected by the FindZip ransomware: a decryption tool has now been released online for free. The FindZip macOS ransomware was spotted last month by researchers at ESET, it is […]

Pierluigi Paganini March 15, 2017
PetrWrap, a Petya-based ransomware, was used in targeted attacks

Threat actors in the wild have found a way to hijack the Petya ransomware on the fly and use it in targeted attacks; say welcome to the PetrWrap ransomware. The Petya ransomware was first spotted by experts at TrendMicro one year ago; it overwrites the MBR to lock users out of the infected machines. The Petya ransomware causes a blue […]

Pierluigi Paganini March 07, 2017
Kaspersky Lab discovered a new sophisticated Shamoon-Linked malware dubbed StoneDrill

The experts spotted a new sophisticated strain of malware dubbed StoneDrill that is linked to Shamoon 2 and Charming Kitten. Researchers at Kaspersky Lab have discovered further information about the dreaded Shamoon 2 malware. The experts spotted a new sophisticated strain of malware dubbed StoneDrill that is linked to Shamoon 2 and Charming Kitten (aka Newscaster and […]