Pierluigi Paganini
December 11, 2017
According to the firm Carbon Black, Android ransomware kits are very popular in the dark web, and the median price range for them hits $200. According to the firm Carbon Black, Android ransomware kits are very popular in the dark web, more than 5,000 Android ransomware kit listings have been discovered in 2017. Even if most ransomware kits are still focused […]
Pierluigi Paganini
December 04, 2017
The security expert Michael Gillespie discovered a new variant of the Shadow BTCware Ransomware which is manually installed on unsecured systems. The security expert Michael Gillespie discovered a new variant of the BTCWare ransomware, the malicious code was spread by hacking into poorly protected remote desktop services and manually installed by crooks. The new Shadow BTCware Ransomware variant appends the .[email]-id-id.shadow extension to the encrypted files, […]
Pierluigi Paganini
December 03, 2017
The Halloware ransomware is a new malware offered for sale in the dark web, the author that goes online with the moniker Luc1F3R is selling it for just $40. According to the experts at Bleeping Computer, Luc1F3R started selling the Halloware this week through a dedicated portal on the Dark web. Luc1F3R claims to be a 17-year-old college […]
Pierluigi Paganini
November 24, 2017
An Italian researcher from the security firm InTheCyber devised an attack technique to create self-replicating malware hidden in MS Word documents. A few weeks ago, a security researcher reported a flaw that affects all versions of Microsoft Office that could be exploited by attackers to spread macro-based self-replicating malware. Microsoft promptly implemented a security mechanism in […]
Pierluigi Paganini
November 19, 2017
Malware researchers at MalwareHunterTeam discovered a new variant of the CryptoMix ransomware, the second one in just a few days. A new variant of the CryptoMix ransomware was recently discovered by the experts at the MalwareHunterTeam, it is the second release of new variants this week. The latest variant appends the. 0000 extension to encrypted files and uses new contact emails, for example, […]
Pierluigi Paganini
November 10, 2017
Security experts spotted a new malware dubbed Ordinypt, it is a wiper disguised as ransomware that currently only targets German users The malware researcher Michael Gillespie first reported a new strain of malware called Ordinypt that is currently targeting German users, but unfortunately instead of encrypting users’ files, the malware intentionally destroy them. Tweets by demonslay335 Early this […]
Pierluigi Paganini
November 06, 2017
A new strain of ransomware dubbed GIBON ransomware was spotted by the ProofPoint researcher Matthew Mesa that observed it being distributed via malspam. The spam messages use a malicious document as attachment containing macros that once enabled will download and install the ransomware on a victim’s machine. The researcher dubbed the ransomware GIBON because of the presence of the string “GIBON” in two […]
Pierluigi Paganini
November 01, 2017
The researchers at CSE Cybsec ZLab have completed their analysis the Bad Rabbit ransomware, the report follows our preliminary analysis. Introduction Recently a new ransomware, called BadRabbit, infected systems in many countries, most of in East Europe, such as Ukraine and Russia. The malware was not totally new, it seems to be an evolution of the old […]
Pierluigi Paganini
November 01, 2017
MBR-ONI is a new ransomware that is being used for targeted attacks in Japan, experts speculate it was used to cover larger hacking campaigns. MBR-ONI is a new ransomware that is being used for targeted attacks in Japan, it is a bootkit ransomware that uses a modified version of the legitimate open-source disk encryption utility DiskCryptor to […]
Pierluigi Paganini
October 31, 2017
Security experts from Fortinet spotted a new strain of the Sage ransomware that included new functionalities, such as anti-analysis capabilities. Sage 2.0 is a new ransomware first observed in December and not now it is distributed via malicious spam. Sage is considered a variant of CryLocker ransomware, it is being distributed by the Sundown and RIG exploit kits. The […]
