Pierluigi Paganini April 07, 2016
TA530 group, spear phishing meets ransomware

A threat actor named TA530 group, has been targeting executives in an attempt to infect their machine with various malware, including ransomware. Ransomware continues to represent one of the greatest threat for the Internet users, the FBI recently issued a confidential urgent “Flash” message to the businesses and organizations about the Samsam Ransomware. Security firms […]

Pierluigi Paganini February 22, 2016
Admedia attacks now rely also on Joomla to serve ransomware

Operators running websites based on the WordPress and Joomla must be aware of a spike in the number of compromised platforms used in Admedia attacks. Not only WordPress CMS, threat actors behind the “Admedia attacks” are now looking with increasing interest to Joomla. This is the discovery made by the experts at the Internet Storm […]

Pierluigi Paganini February 05, 2016
Emergency. Hundreds of compromised WordPress sites serve TeslaCrypt ransomware

Operators running websites based on the WordPress must be aware of a spike in the number of compromised platforms used to deliver the TeslaCrypt ransomware. Administrators running websites based on the popular WordPress CMS must be aware of a spike in hacks that are resulting in the silent delivery of ransomware to the visitors. According to […]

Pierluigi Paganini November 27, 2015
Crooks use the Nuclear Exploit Kit to serve CryptoWall 4.0

The popular Nuclear Exploit Kit has been used for the first time to serve the ransomware CryptoWall 4.0. The Nuclear exploit kit is one of the privileged weapon in the arsenal of cyber criminal groups, now the popular crimeware kit has been used to serve the ransomware CryptoWall 4.0. In the past, criminal crews used the […]

Pierluigi Paganini November 09, 2015
Cryptowall 4.0 comes from Russia, Bitdefender released a vaccine

Security experts at Bitdefender speculate that the newborn Cryptowall 4.0 has a Russian origin. The company released a vaccine software. Security experts at Bitdefender seem to have no doubt, the authors of the last variant of the popular Cryptowall ransomware, Cryptowall 4.0 are Russians. The experts came to this conclusion through evidence collected during their investigations, for example, the servers used […]

Pierluigi Paganini November 04, 2015
CryptoWall 4.0 Released with a New Look and Several New Features

The fourth member of the CryptoWall family of ransomware, CryptoWall 4.0, has just been released, complete with new features and a brand new look. We recently reported that CryptoWall 3.0 has allegedly caused over $325 million in annual damages. CryptoWall first emerged in April 2014. Its first major upgrade was dubbed CryptoWall 2.0, and first emerged in October […]

Pierluigi Paganini July 16, 2015
TeslaCrypt 2.0 ransomware comes with significant improvements

Researchers at Kaspersky Lab have discovered a new strain of TeslaCrypt ransomware, version 2.0,  which was improved in a significant way. Malware researchers at Kaspersky detected a new strain of the TeslaCrypt ransomware (, so-called TeslaCrypt 2.0, which includes a number of improvements. This ransomware also encrypts video game files, but the most significant improvement […]

Pierluigi Paganini June 24, 2015
Cryptowall cost victims $18 Million since 2014 warns FBI

Between April 2014 and June 2015, the IC3 received 992 CryptoWall related complaints, with victims reporting losses totaling over $18 million. Cryptowall is one of the most nefarious ransomware in the wild, in twelve months the FBI has estimated that the overall losses were more than $18 million. Ransomware implements a classic extortion scheme typically demanding that victims pay ransom […]

Pierluigi Paganini June 05, 2015
CryptoWall 3.0 Still Actively Being Spread as a New Campaign is Discovered in-the-wild

A new malicious phishing campaign is spreading CryptoWall ransomware in the wild, the expert Michael Fratello has analyzed it for us. Just a reminder to all — CryptoWall 3.0 is still very much active, with phish tactics that I think are less effective, but who knows; maybe they’re seeing great success with this method.  Personally, […]

Pierluigi Paganini March 10, 2015
Crooks use seemingly harmless help files to serve CryptoWall ransomware

Experts at Bitdefender revealed that crooks used seemingly harmless help files to distribute a variant of the popular ransomware CryptoWall. The cybercrime never ceases to surprise, every time we discuss a new and effective technique to deceive victims and evade detection mechanisms. Security experts at Bitdefender have discovered a new spam campaign that targeted a few […]