New RedAlert Ransomware Targets Windows and Linux VMware ESXi Servers

Researchers have discovered a new RedAlert (aka N13V) ransomware that encrypts Windows and Linux VMware ESXi servers and targets corporate networks. MalwareHunterTeam, an information security expert, was the first to notice the new malware, posting screenshots from the group’s dark web site on Twitter. Let me remind you that we also wrote that Information Security…

AstraLocker Ransomware Operators Publish File Decryption Tools

AstraLocker ransomware operators have announced that the malware is ending its work and have uploaded data decryption tools to VirusTotal. The hackers say that they do not plan to return to ransomware in the future, but intend to switch to cryptojacking. Bleeping Computer reports that it has already studied the archive published by the…

Hackers Launched LockBit 3.0 and Bug Bounty Ransomware

LockBit 3.0 Builder is now available to the public. What is the story behind it?

The LockBit ransomware group released the LockBit 3.0 malware, simultaneously introduced its own ransomware bug bounty program, and announced that it would accept ransoms in the Zcash cryptocurrency. Bleeping Computer recalls that LockBit appeared in 2019 and has since become one of the most active threats, accounting for about 40% of…

LockBit Weaponizes Its Victims’ Clients – Brett Callow

Brett Callow, a cybersecurity analyst at Emsisoft, shared information on Twitter about the broadened tactics the LockBit ransomware group applies to its victims. Imagine a firm gets attacked by ransomware. It is not a novelty that, besides encrypting the data belonging to the company (to demand ransom for giving the data back), the crooks…

Conti Ransomware Shutdown, Site Disabled

Conti operators shut down the remnants of the public infrastructure. Two servers on the Tor network that were used to publish victims’ data and negotiate ransoms are down. The Conti News website’s admin panel and the stolen information storage were closed a month ago, and the list of non-payers has not been updated all this…

Copyright Claims Used as Bait by LockBit 2.0 Affiliates in Korea

A new type of email bait has been invented by the affiliates of LockBit 2.0. Specialists at AhnLab Inc, a South Korean security software company, have noticed that LockBit 2.0 affiliates began spreading their encrypting pests via emails that pretend to be copyright infringement messages. Considering the ransomware victims are usually companies, not individuals, it is…

NCC Group’s May 2022 Threat Report Reflects Conti’s End

NCC Group’s monthly report on cyber threats features some curious news, namely the alleged closure of ransomware group Conti and the strengthening of the LockBit 2.0 gang. Conti, a notorious Russian ransomware gang responsible for the attack on Irish medical institutions last year, is believed to have disbanded after the internal correspondence of the gang…

Chinese Hackers Use Ransomware As a Cover for Espionage

Secureworks experts have found that Chinese hackers from two groups that specialize in espionage and theft of intellectual property from Japanese and Western companies use ransomware to hide their actions. Let me remind you that we also wrote that Chinese Hacker Group Revealed after a Decade of Undetected Espionage, and also that Chinese Hackers Attack…

Ryuk – Devastatingly Effective Targeted Ransomware

Ransomware is a malicious program which an attacker injects into your device to encrypt your data and hold your digital life hostage. Ryuk ransomware is similar to the typical ransomware but enhanced. It deliberately preys on high-profile targets capable of paying large amounts of money. Today we will learn what Ryuk ransomware is, how it…

QNAP Warns Clients About DeadBolt Ransomware Attacks

DeadBolt Ransomware: Another Instance of Ransomware Evolution

On June 17, QNAP, the Taiwanese hardware manufacturer, warned its customers about ransomware attacks targeting the company’s NAS (network-attached storage) devices. Following attacks in January, March, and May, the DeadBolt ransomware is an impending problem for QNAP devices again. QNAP advises all users to update operating systems to…