Items tagged with Ransomware

Cybercriminals have developed a new form of Android ransomware that gives victims added incentive to pay up. In addition to scrambling the user's data with an AES encryption algorithm, the new ransomware replaces an infected device's personal identification number (PIN) with one that is randomly generated, effectively locking the rightful owner out. Once the ransom is paid, the attacker can remotely reset the PIN and unlock the device. ESET, a security firm that offers antivirus solutions for both desktop and mobile devices, discovered the new ransomware and dubbed it DoubleLocker, since it locks users out of accessing their data in two ways. "Given its banking malware roots, DoubleLocker may... Read more...
TrendMicro has published a report that claims that a "sizable" spam campaign is underway and other than just having a bunch of unwanted email to contend with, the spam campaign is also pushing ransomware. The spam campaign is said to be distributing the latest variant of Locky, which is the ransomware that invaded LinkedIn back in November of last year via bogus leads.  The security firm says that it has looked at samples of these recent spam campaigns and has found that criminals are using some sophisticated distribution methods to affect users in over 70 countries. Along with Locky, the spammers are also distributing another ransomware program called FakeGlobe and that... Read more...
Cyber crooks have found a new way to ruin a person's day with ransomware. Traditionally most ransomware encrypts a victim's storage device and then demands a ransom in order to unlock the files. Some of the nastier versions will put a time limit on receiving payment before the ransomware starts permanently deleting files. Now there is a version making the rounds that not only encrypts a victim's files, it steals Bitcoin wallets as well. The new variant of the Cerber ransomware takes a dual approach to extracting funds from a victim. It searches for one of three Bitcoin wallet applications, those being Bitcoin Core, Electrum, and Multibit. If it manages to find one, the ransomware sends it to the... Read more...
Here's something you don't see too often: a ransomware creator unearthing the master decryption key for public consumption. That's exactly what we're seeing from Petya's original developer, allowing those affected by certain versions of Petya to recover their data, and developers the ability to create decrypters to make the entire process that much easier. Unfortunately, there are a number of major caveats here. The biggest one is the fact that most of those affected by these specific versions of Petya dealt with it last year, not recently. It stands to reason that many of those folks did not clone or keep their drive, because it could have felt like a lost cause. If you still have the data,... Read more...
Over the past few years, one of the most prevalent types of malware has been ransomware - an infection that automatically locks down your sensitive data, and then makes you buy it back with your hard-earned cash. In May, one of the hardest-hitting ransomware strikes occurred, via the appropriately named WannaCry. Now, that's "old" news; today, the major threat is Petya, another piece of ransomware. Or is it? That's the big question. As we covered a couple of times this week, Petya is designated as ransomware that seems to be mostly striking computers in Europe. If infected, the user is told to send $300 worth of Bitcoin to a specific address to receive a key. The fee, all things considered, is... Read more...
There are no days off in Redmond, at least not for Microsoft. Hot on the heels of dealing with the WannaCry ransomware outbreak, Microsoft has now addressed reports of a new ransomware making the rounds, one that shares similar code with Petya, a nasty piece of ransomware in and of itself. What makes this new strain so dangerous is that it is capable of spreading across networks like a worm. This new ransomware is more sophisticated than the original Petya outbreak. According to Microsoft, the initial strain seems to originate from a Ukrainian company that builds a piece of accounting software called MEDoc. Microsoft says it now has evidence that few active infections of the ransomware started... Read more...
Following last month's WannaCry attack, it looks as though another ransomware outbreak is quickly spreading around the globe. The attack seems to be centered in the Ukraine, where the ransomware has crippled the country’s central bank and power utilities like Ukrenergo and Kyivenergo. Kiev’s Borispol airport has also come under attack according to a Facebook posting, and the city’s metro system has seen its payment infrastructure infiltrated. However, the official Twitter account for the Ukraine was decidedly upbeat about the outbreak, breaking the tension with a little bit of humor: Some of our gov agencies, private firms were hit by a virus. No need to panic, we’re putting utmost efforts... Read more...
Getting on-board with an operating system like Windows 10 S may be difficult for some users. Only a certain type of user would purposefully opt to use a whittled-down, locked-down OS by choice, but for the security conscious, it makes a lot of sense. After all, 10 S is still Windows -- it's just supposed to be safer. That's been Microsoft's message since the OS' launch, and its logic is sound: the more locked-down an OS, the lower the chances are that a piece of malware -- including ransomware -- will make it onto the system. To put it simply, using Windows 10 S is akin to locking your doors and windows. That level of security might not be bullet-proof, but it's a lot better than leaving... Read more...
It seemed for a moment that the WannaCry ransomware that wreaked havoc at hospitals across Europe had been neutralized, but apparently it is still causing disruptions. The latest report comes from Honda Motor Co., which said on Wednesday that it had to shut down one of its factories in Japan after discovering that WannaCry had wormed its way onto the company's computer network. Honda temporarily ceased production at its Sayama plant located northwest of Tokyo. That particular factory produces several Honda automobile models, including the Accord sedan, Odyssey minivan, and Step Wagon compact vehicle. On any given day, it churns out around 1,000 vehicles, making a halt in production more than just... Read more...
The notion that Mac systems are immune to malware is just plain wrong. Sure, Macs might be less susceptible to malware than Windows-based PCs, but they are certainly not exempt from security threats. Proving otherwise, two different security outfits have put out warnings about separate threats targeting Mac users. One of them pertains to ransomware, where a user's documents and files are encrypted and held hostage until a ransom is paid, and the other is a spyware application that sniffs out sensitive information. Starting with the former, security outfit Fortinet said its labs recently discovered a ransomware-as-a-service (RaaS) called MacRansom that uses a web portal hosted... Read more...
Now that the dust has settled on a global ransomware outbreak that could have been much worse than it ended up being, we can all breathe a sigh of relief. Meanwhile, security outfits are busy analyzing the outbreak to uncover as much information as possible about the threat known as WannaCry. According to Symantec's investigation into things, WannaCry has "strong links to Lazarus," which is the same group that attacked Sony Pictures and made off with $81 million from the Bangladesh Central Bank. Symantec says that before the recent outbreak occurred, a near identical version of WannaCry was used in targeted attacks in the months of February, March, and April of this year. The only difference... Read more...
For a quick minute, it looked as though a strain of ransomware that was seemingly stolen from the United States National Security Agency (NSA) was going to be a major problem for PCs around the world, and in particular Windows XP systems. Microsoft even made the unusual move of releasing an emergency patch for Windows XP even though it stopped supporting the legacy OS a long time ago. But now a week after the initial WannaCry outbreak it's been discovered that Windows 7 PCs were the hardest hit. A researcher for Kaspersky Lab posted a message on Twitter saying "the Windows XP count is insignificant," adding that Windows 7 took the brunt of the ransomware's activity. When looking at the overall... Read more...
The Wanna Decrypter ransomware that began floating around the Internet late last week, or WannaCry as it's commonly known, has made a lasting impact, with hundreds of thousands of PCs worldwide being affected. What the malware does is even more alarming: one minute, you're using your computer normally; the next, your data is locked away behind a key unless you fork over hundreds of dollars in ransom money. As has become typical of ransomware, WannaCry will demand payment via Bitcoin in order to recover the data the attackers locked down. Once payment is received, an encryption key is typically (but not always) sent that will allow the user to recover their data. It's a chore for the inexperienced... Read more...
The Internet community was able to breathe a temporary sigh of relief after a 22-year-old security researcher accidentally discovered a way to thwart WannaCrypt, a fast-spreading strain of malware that was stolen from the National Security Agency. After reaching tens of thousands of systems in over 70 countries within the first few hours, WannaCrypt was stopped dead in its tracks. Also known as WannaCry, WCry, and by a handful of other designations, the unprecedented ransomware attack was particularly bothersome for hospitals in the UK. Many of them shut down and turned patients away. In some cases, operations had to be cancelled. Doctors and staff were locked out of viewing patient records because... Read more...
Microsoft stopped supporting Windows XP several years ago, though because some users and businesses (including government agencies) are still clinging to the legacy operating system, it has been known to release patches for more serious security threats. It does not happen often, but it does happen. Case in point, Microsoft has issued a security patch to protect Windows XP systems from the WannaCrypt ransomware that is spreading across the globe. Also known as WannaCry, WCry, and a handful of other names, WannaCrypt is believed to be one of the cybersecurity tools a hacking group pilfered from the National Security Agency (NSA) and leaked to the web. What makes this bit of ransomware particularly... Read more...
Last fall, we reported on a somewhat humorous report of a mere "reply all" email that managed to bring down email servers of the UK's National Health Service. Unfortunately, we have something a bit more severe to report on today: an all-out cyberattack against the NHS. At some point today, doctors at NHS had to begin turning away patients as a ransomware attack that affected NHS' most important servers reared its ugly head. Doctors and staff were immediately locked out of their computers, essentially meaning that patient data could not be accessed. It's not believed at this time that the attack will result in leaked patient data,... Read more...
Set phasers to stun! New ransomware is making the rounds today, and it is adopting a Star Trek theme. Avast researcher Jakub Kroustek is credited with tracking down the Kirk ransomware, which wreaks havoc by encrypting your precious files and demanding payment to get those files back. Unlike other ransomware, which often demands payment in the form of Bitcoins, Kirk instead insists that you fork over Monero, a cryptocurrency that is based on the CryptoNote protocol. According to BleepingComputer, this is the first ransomware to be tied to Monero. “The problem is that [Monero] is only going to confuse victims even more,” writes BleepingComputer. “By introducing a new cryptocurrency into the mix,... Read more...
When ransomware strikes, its impact could range from mild to severe. Sometimes, ransomware targets regular users, while other times, it targets important mega-corporations (or even police stations). In this latest incident, it affected a hotel, and subsequently ran the risk of affecting all of its guests. Here it is, the downright gorgeous Romantik Seehotel Jägerwirt in Austria. Staying at a place like this is the stuff dreams are made of. It could feel like paradise on Earth; certainly not a place where you'd expect to have to deal with the major hassle of being locked out of your room against even the hotel's will. This hotel, like so many others, integrates many of its intricate utilities... Read more...
Police are supposed to catch criminals; not become the victims of their antics. However, one Texas police department is finding out the hard way that ransomware is a big problem, as one of its employees fell for one of the oldest tricks in the [computer hackers’] playbook. According to a local news report, someone from within the department clicked on an email that featured a cloned address, thinking that it originated from someone within the department. However, all it did was open up the department’s computer network to a ransomware attack. Once the tainted email was accessed, malware weaved its way through the department network, encrypting files in the process. Once the malware did its dirty... Read more...
Be careful before downloading an app on your LG Smart TV. One user recently reported that their LG Smart TV had been infected by Cyber.Police ransomware, also known as FLocker, Frantic Locker, or Dogspectus. The infected television is one of the last LG Smart TVs to use Google TV, a project that was discontinued in 2014. Software engineer Darren Cauthon revealed that his television was infected by the ransomware after his relatives had downloaded an app to watch a movie on December 25th. According to Cauthon, “They [the relatives] said they downloaded an app to watch a movie. Halfway thru movie, tv froze.” It is unclear whether Cauthon’s relatives downloaded the app from the Play Store or a... Read more...
Getting hit with ransomware, a form of malware that encrypts your files and holds them hostage until you pay the hacker responsible to decrypt them, is no laughing matter, at least if you're the victim. But for cyber crooks becoming ever more brazen, the temptation to taunt victims and security researchers is sometimes too much. That's been the case with the person responsible for the DXXD ransomware. DXXD is a nasty bit of code that's been going after servers for the past couple of weeks. Luckily there are good guys out there that act as security super heroes. One of them is Michael Gillespie, a dude who loves cats and also happens to be very good at analyzing ransomware. He often provides free... Read more...
We’ve seen some rather nasty ransomware making the rounds over the past few months, but a new strain is wreaking havoc on computers around the globe. Brazilian firm Morphus Labs first discovered the Windows-based ransomware, which has been given the name Mamba. So far, Mamba has been found on computers located in Brazil, India and even the United States. According to Morphus Labs researcher Renato Marinho, Mamba has been spreading as a result of people being tricked into interacting with phishing emails. Once a user has been “hooked”, Mamba gets down to business by infecting the host machine, and then proceeds to overwrite the PC’s Master Boot Record (MBR). But whereas most ransomware will encrypt... Read more...