ransomware

Home / ransomware

NMap NSE Script To Detect #WannaCry And #Petya MS17-010 SMBv1 Vulnerability

With the recent spread of the #WannaCry (Update 6/27/17: and #Petya) ransomware over the past week, the IT community has been in a frenzy to patch vulnerable systems that are missing the MS17-010 patch that Microsoft released back in March 2017. If you need to scan your network for possible vulnerable systems, you can use [...]

New Cerber Ransomware Switches To A Random Extension And Ends Database Processes

A new variant of the Cerber ransomware kills common database-related processes like those of the MySQL, Oracle and Microsoft SQL servers to encrypt files. The most notable change is the switch from the static .Cerber3 extension for encrypted files to a random 4 character extension, the use of a HTA file as the ransom note, [...]

By | 2016-10-16T15:53:22+00:00 October 6th, 2016|Categories: Ransomware, Security|Tags: , , , , , , , |0 Comments

Princess Locker Ransomware

A new ransomware-as-a-service (RaaS) has been discovered by SenseCy and Michael Gillespie. Despite the innocent name, the Princess Locker ransomware will encrypt your data, then demand a ransom of 3 bitcoins, or approximately $1800 USD. Once the victim has been infected, the Princess Locker will start to encrypt the host computer's files, and then append [...]

By | 2016-10-16T15:53:35+00:00 October 1st, 2016|Categories: Ransomware|Tags: , , , , |0 Comments

Mamba Ransomware Encrypts Full Hard Drive Spreading Via Phishing Emails

Security researchers at Morphus Labs reported about a new ransomware called Mamba, which encrypts the victim's whole hard drive. Recent reports show it spreading around Brazil, India, and the United States through phishing emails. Mamba ransomware attacks Windows computers and overwrites the MBR (Master Boot Record) and upon restart the victim will get a screen [...]

By | 2016-10-16T15:53:39+00:00 September 23rd, 2016|Categories: Ransomware, Security|Tags: , , , , , |0 Comments

Misspelled Malwarebytes (Malwerbyte) is Ransomware

You've probably heard of the popular anti-malware program called Malwarebytes. Recently, there's been a misspelled version of the app going around called Malwerbyte, which has ransomware hidden in it. The ransomware it contains is called DetoxCrypto, and there's already a second variant dubbed Calipso. The two variants of ransomware were first discovered back in August. [...]

By | 2016-10-16T15:53:45+00:00 September 19th, 2016|Categories: Ransomware, Security|Tags: , , , , , |0 Comments

New RAA Ransomware Variant Trojan-Ransom.JS.RaaCrypt.ag

The original RAA Ransomware was discovered last June which incorporated the information-stealing trojan Pony. The new RAA Rasomware variate, dubbed Trojan-Ransom.JS.RaaCrypt.ag, has evolved to more effectively target companies, encrypting victims' files and also stealing their data. The new ransomware is hidden in a password-protected zip archive attachment, and it can now perform offline encryption without [...]

By | 2016-10-16T15:53:52+00:00 September 13th, 2016|Categories: Ransomware, Security|Tags: , , , , |0 Comments

FairWare Ransomware Targets Linux Web Servers

If you host a website on a Linux server, you might want to watch out for the new FairWare ransomware. Not much is known about this ransomware yet, but it targets Linux web servers, deletes the web folder on the server and leaves a read_me.txt file which demands payment of 2 bitcoins as ransom to [...]

By | 2016-10-16T15:54:06+00:00 August 30th, 2016|Categories: Ransomware, Security|Tags: , , , , |0 Comments

Fake Windows Update Used By New Fantom Ransomware

Last week, BleepingComputer reported about a new ransomware that uses a fake Windows Update screen while it encrypts your files. This new ransomware is called Fantom Ransomware and it was discovered by an AVG malware researcher. The ransomware will install an executable program named 'a.exe.' To cloak its malicious activity, the file's properties state that [...]

By | 2016-10-16T15:54:07+00:00 August 29th, 2016|Categories: Ransomware, Security|Tags: , , , |0 Comments

CryptoWall 4.0 Ransomware Updated

The CryptoWall ransomware has been updated to make it more difficult for users to recover their encrypted data. The latest version of CryptoWall, version 4.0, will now alter the file names of data that it has encrypted to prevent victims from determining exactly what has been affected by the program. In addition, ransomware will now [...]

By | 2016-10-16T15:54:38+00:00 November 10th, 2015|Categories: Ransomware, Security|Tags: , , , , |0 Comments

Power Worm Ransomware Accidentally Destroys Victim’s Data During Encryption

Ransomware is a type of virus and malware that basically takes your computer hostage and demands that you pay a ransom to get your computer back to normal. As an IT Professional, I encourage you to never pay a ransom if you get infected by one of these. Instead, make sure you do routine backups [...]

By | 2016-10-16T15:54:39+00:00 November 10th, 2015|Categories: Ransomware, Security|Tags: , , , , |0 Comments