Category: Ransomware


WannaCry, the largest ransomware-spread campaign to date!

If you think that updating operating systems is not necessary, think again! In the largest ransomware campaign to date, more than 223.000 computers across 99 countries worldwide (including the United States, Russia, India, Germany, Africa, the Philippines, China …) have been infected. Here is the story behind the WannaCry ransomware and protection methods… On May 12th, the National Cryptological Center of Spain...



Filecoder.E: The new macOS-targeting ransomware distributed through Torrent websites

Experts from antivirus firm ESET have discovered a new ransomware variant, called OSX/Filecoder.E, that targets Macintosh users. It’s not the first time Mac-targeting ransomware has been detected by security researchers. In 2014, Kaspersky Lab discovered the OSX.FileCoder.a ransomware, though it wasn’t complete at the time. The next one, OSX.KeRanger, was discovered in 2016 by Palo Alto researchers. The new Filecoder ransomware, designed...



New CryptoLuck ransomware infects victims through legitimate GoogleUpdate.exe application and DLL hijacking

A Proofpoint security researcher has discovered a new ransomware, called CryptoLuck, that infects target computers through the legitimate GoogleUpdate.exe executable and DLL hijacking. According to security researcher and exploit kit expert ‘Kafeine’, CryptoLuck ransomware has been spotted being distributed via the RIG-E exploit kit after redirection from compromised websites and malvertising. While Kafeine only specifically saw this sample through advertising in the Adult web site...



Telecrypt ransomware uses Telegram Messenger to communicate with C&C. Here is how to decrypt your files.

Kaspersky Lab researchers have discovered a new ransomware, called Telecrypt, that uses Telegram Messenger as a covert channel between the Command and Control (C&C) server and the compromised device. By using Telegram Messenger’s communication protocol, Telecrypt ransomware performs a secure key exchange with the C&C server that is hard to track through network traffic monitoring. It has also been noted that Telecrypt is the first ransomware...
