-
The Week in Ransomware - February 1st 2019 - LockerGoga, MalSpam, and More
The biggest ransomware news this week is the cyber attack on Altran that was supposedly hit by the LockerGoga Ransomware. In addition, huge malspam campaigns were pushing Troldesh on Russia and GandCrab on Japanese victims.
- February 01, 2019
- 04:17 PM
1
-
Locky Ransomware Returns, but Targets Only Windows XP & Vista
The Locky ransomware is back, spreading via a massive wave of spam emails distributed by the Necurs botnet, but the campaign appears to be a half-baked effort because the ransomware is not able to encrypt files on modern Windows OS versions, locking files only on older Windows XP & Vista machines.
- June 22, 2017
- 03:48 AM
1
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
The Week in Ransomware - June 16th 2017 - Jaff Decrypted & Mostly Crapware
For the most part, mostly in-development ransomware released this week. No really major ransomware variants released that are much of a threat. The big news, though, is that Kaspersky was able to figure out how to crack the decryption for the Jaff Ransomware and release a free decryptor.
- June 16, 2017
- 06:05 PM
- 0
-
Decrypted: Kaspersky Releases Decryptor for the Jaff Ransomware
Fedor Sinitsyn, a senior malware analyst at Kaspersky Labs, has discovered a weakness in the Jaff ransomware and was able to release a decryptor for all current variants For those who were infected with Jaff and had their files encrypted with the .jaff, .wlu, or .sVn extensions, this decryptor can recover your files for free.
- June 14, 2017
- 10:28 AM
- 7
-
The Week in Ransomware - June 9th 2017 - Jaff, Spectre, and MacRansom
Another week of mostly small ransomware releases. Ultimately, this is a good thing as the vast majority of these are never released. Of biggest note is a macOS RaaS, a new Jaff variant, and the potential for a new ransomware called Spectre.
- June 09, 2017
- 06:11 PM
- 3
-
Jaff Ransomware switches to the .sVn Extension
On Wednesday, security researcher Derek Knight discovered a new Jaff campaign spewing out emails that pretend to be emails from local copy machines. These SPAM emails contain attachments that include an executable file, which encrypt a victim's files and append the .sVn extension to encrypted file names.
- June 09, 2017
- 05:56 PM
- 0
-
Cybercrime Market Shares Infrastructure With Jaff Ransomware Operation
The people who distribute the Jaff ransomware share server space with a cybercrime marketplace called PaySell. The server in question is located at 5.101.66.85, an IP assigned to a hosting provider in Saint Petersburgh, Russia, according to Heimdal Security, the company that discovered the connection.
- June 05, 2017
- 01:00 AM
- 0
-
The Week in Ransomware - May 26th 2017 - AES-NI, Jaff, & Decryptors
This week was a busy with lots of little variants discussed below and a new version of the Jaff Ransomware circulating via MALSPAM. The big news is that AES-NI decided to close shop and has starting releasing the master decryption keys so people can get their files back for free.
- May 26, 2017
- 06:04 PM
- 0
-
Jaff Ransomware Switches to the WLU Extension and Gets a New Design
A new variant of the Jaff ransomware was discovered that includes an updated design for the ransom note and the new WLU extension for encrypted files. Like the first variant of Jaff, this new version continues to be distributed through MALSPAM campaigns.
- May 23, 2017
- 09:35 PM
- 0
-
The Week in Ransomware - May 13th 2017 - The WanaCrypt0r RansomApocaGeddonWare
What a crazy end of the week we had with the WanaCrypt0r RansomApocaGeddonWare! This ransomware literally took the entire world by storm by utilizing the NSA EternalBlue SMBv1 exploit to install ransomware on many high profile victims. While that was definitely the big news, the good news is we also saw a some decryptors released.
- May 13, 2017
- 02:34 PM
- 1
-
Jaff Ransomware Distributed via Necurs MALSPAM and asking for a $3,700 Ransom
A new ransomware was discovered today called Jaff ransomware. This ransomware will encrypt your files and append the .jaff extension to encrypted files. It also joins the ranks of other ransomware that steal payment site templates from Locky.
- May 11, 2017
- 04:10 PM
- 0
