Security Awareness Training Blog

Ransomware Blog

Keeping you updated on the latest ransomware attack vectors, strains, decryptors, families and trends to help you avoid becoming infected.

As Neutrino takes a hit, RIG Exploit Kit jumps at the opportunity and spreads ransomware

Andra Zaharia (the picture is really her) from the Danish Heimdal Security wrote something interesting this morning that I thought you'd like to know:
Continue Reading

Meet Mamba: New Full Disk Encryption Ransomware

SecurityAffairs just published a new discovery that you need to know about. A Brazilian Infosec research group, Morphus Labs, just discovered a new Full Disk Encryption (FDE) ransomware ...
Continue Reading

[ALERT] FBI Warns Ransomware Attacks Get More Targeted And Expensive

In an alert published today, the U.S. Federal Bureau of Investigation (FBI) warned that recent ransomware variants have targeted and compromised vulnerable business servers (rather than ...
Continue Reading

New Vicious And Highly Targeted Ransomware Attacks Made Public

Here’s an example of a highly targeted ransomware attack, with bad guys using a phony Bank of Montreal (BMO) template to social engineer possible victims into clicking on a malicious ...
Continue Reading

A Single Ransomware Gang Made $121M In 2016

Intel Security today released its McAfee Labs Threats Report: September 2016, which assesses the growing ransomware threat; surveys the “who and how” of data loss; explains the practical ...
Continue Reading

Targeted Lawsuit Phishing Attack With Sophisticated Payload

We are seeing a big phishing wave with a social engineering attack that threatens with a personalized lawsuit using the domain name of the targeted victim. This is an interesting payload ...
Continue Reading

Adding Insult To Injury: The Ginsu Knives Approach To Ransomware

Kaspersky has a fascinating blog post on a new strain of ransomware called RAA that is not only fairly sophisticated, but incredibly abusive:
Continue Reading

Philadelphia Ransomware Strain Offers "Mercy" Button

Larry Abrams at Bleepingcomputer reported on a new strain that raises some eyebrows. "A new version of the Stampado ransomware called Philadelphia has started being sold for $400 USD by a ...
Continue Reading

Tampa FBI: Your business is going to get hacked (or get infected with ransomware)

The Tampa Bay Business Journal published an interview with FBI Special Agent Lawrence Wolfenden. Wolfenden is a 25-year veteran of the FBI, the lead agency for investigating cyber attacks ...
Continue Reading

New Cry Ransomware Strain Has Unusual Advanced Features

Larry Abrams at Bleepingcomputer reported on a new strain with a few unusual features: "A new ransomware that pretends to be from a fake organization called the Central Security Treatment ...
Continue Reading

KnowBe4's Field Guide to Macro Warning Screens

Earlier this week today we assisted several companies that were hit by ransomware. Although companies and organizations hit by ransomware can usually pinpoint the source or employee ...
Continue Reading

Ransomware & Voicemail Notifications, Redux

Several days ago we posted about a new ransomware campaign pushing Cerber through malicious ZIP files attached to voicemail-themed phishing emails. Fast on the heels of that campaign ...
Continue Reading

Here is a Real DDoS Plus Ransomware Extortion Attack

One of our customers received the following email today. It's a clear extortion attempt, they are threatening to execute a combined DDoS and Cerber ransomware attack. These bad guys claim ...
Continue Reading

Heads-up! Voice message notification email warning could be ransomware

Don't play voicemail messages from suspicious sources. Example displayed in MS Outlook. Image credit: SANS ISC.
Continue Reading

How Highly Personalized Ransomware Attacks Are Getting

CyberheistNews Subscriber Stuart Sanders sent me this: "A friend of mine in Melbourne Australia has been whacked by several crypto attacks on his clients in the last week. He supports ...
Continue Reading

Cerber Ransomware Plague Earns 2 Mil With Just 0.3% Victims Paying Up

A new report by Check Point software's researchers showed that Cerber's Ransomware-as-a-Service (RaaS) affiliate program is a success with more than 160 participants at current count, and ...
Continue Reading

FireEye warns 'massive' Locky ransomware campaign hits America

The dangerous Locky ransomware is being hurled at a variety of industries, healthcare being the number one target, according to FireEye researcher Ronghwa Chong. We have talked about ...
Continue Reading

PokemonGo Ransomware installs Backdoor Account and Spreads to other Drives

With the popularity of PokemonGo, it was inevitable that a malware developer would create a ransomware that impersonates it. This is the case with a new Hidden-Tear ransomware discovered ...
Continue Reading

Hitler ransomware just deletes files instead of encrypting them

Security experts detected and analyzed a new threat, the Hitler ransomware, that doesn’t encrypt files but simply deletes them. Larry Abrams at Bleepingcomputer commented: " It looks like ...
Continue Reading

July 2016 Ransomware Roundup: New Strains And New Nasty Features

The ransomware market is rapidly maturing, we start seeing upgraded strains and rebranded versions sold cheaply in the Dark Web. And mainstream media have finally glommed on after years ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews