

New Ransomware called FileLocker Targeting Czech Victims

ESET malware analyst Jiri Kropac discovered a new Czech-o-Slovak ransomware called FileLocker.

Johns Hopkins cryptography professor Matthew Green wrote an interesting article about potential future methods of ransomware payment and key delivery.

Source: February 28th 2017 A Few Thoughts on Cryptographic Engineering

Italian ransomware site discusses how Crypt0L0cker, aka TorrentLocker, is digitally signing their SPAM emails using posta elettronica certificata (PEC), enc extension to encrypted files.

Warning: the Crypt0l0cker ransomware arrives via PEC

I discovered a new in-dev ransomware called Sardoninir that includes 100 different email accounts that are used to send information about the victim to the ransomware developer.

First spotted two days ago, this ransomware operation is quite unique as it features a very minimal and direct style, with little-to-no instructions and simple-designed ransom notes and ransom payment portal.

February 26th 2017

In-Dev Sardoninir Ransomware Includes 100 Email Account Credentials

New RaaS Portal Preparing to Spread Unlock26 Ransomware

A new Ransomware-as-a-Service (RaaS) portal named Dot-Ransomware is behind the Unlock26 ransomware discovered this past week.

The bizarre part of this infection is that it also has a support forum. This ransomware will encrypt files and append the. Michael Gillespie found a HiddenTear based ransomware called BarRax. damage extension to the filename, HiddenTear Based BarRax Ransomware has a Support Forum Michael Gillespie found a sample of a new ransomware called Damage.

February 25th 2017

Database Ransom Attacks Have Now Hit MySQL Servers

After the ransacking of MongoDB, ElasticSearch, Hadoop, CouchDB, and Cassandra servers, attackers are now hijacking hundreds of MySQL databases, deleting their content, and leaving a ransom note behind asking for a 0.2 Bitcoin ($235) payment.

These keys were analyzed by various anti-virus vendors and used to create decryptors for the Dharma Ransomware.

Contributors and those who provided new ransomware information and stories this week include: DanielGallagher,, and you are interested in ransomware or InfoSec, I suggest you follow them on Twitter.

The biggest news this week is that someone posted the master decryption keys for the Dharma Ransomware in the forums.

Typical week in ransomware with a lot of small little variants released and a resurgence of activity from Crypt0L0cker.
