Ransomware news & analysis | SC Media

Ransomware

hard drive

AnteFrigus ransomware leaves C alone, goes after other drives

Security researchers have come across and analyzed an oddly behaving ransomware variant that bypasses the victim’s C drive instead targeting the device’s other drives. An analyst who tweets under Mol69 and Bleeping Computer took a look at the odd behavior presented by AnteFrigus ransomware. Instead of going after the one place where most people store…

New PureLocker ransomware built for targeted attacks, linked to MaaS dealer

A newly discovered ransomware called PureLocker is targeting the production servers of enterprises, while exhibiting some behavior that’s very unusual for most malicious encryptors. Among its quirky features: it’s written in the PureBasic programming language, which helps it avoid conventional anti-malware detection engines; it’s very picky about who it infects, only executing if the victim machine…

Ransom payments averaging $41,000 per incident

The average ransom payment paid out by victims increased 13 percent, to $41,000, during the last three months, but researchers noted the rate of increase has plateaued. Researchers at Coveware credited the victims with being better prepared to restore their data on their own negating the need to pay the ransom. However, that was not…

MegaCortex ransomware variant threatens data breach, alters credentials

A newly discovered variant of MegaCortex ransomware goes well beyond just encrypting victims’ files — it also changes their Windows passwords and threatens to publish their stolen data if they fail to pay. In a report earlier this week, BleepingComputer said it helped analyzed the new strain after it was discovered by MalwareHunterTeam and subsequently…

Adversary harboring DopplePaymer ransomware targets industrial sector

A cyber adversary in possession of both ransomware and point-of-sale malware was recently found to have obtained “a deep level of access” to the infrastructures of at least two targets, including a U.S.-based aluminum and stainless steel gratings company, researchers have reported. Judging by the choice of targets, the actor has a particular interest in…

Ransomware attack delays government services in Nunavut, Canada

A ransomware attack last weekend struck the network of the Canadian territory Nunavut, severely impeding a bevy of government services that rely on access to systems and electronic files. The attack took place on Saturday afternoon, encrypting files on government servers and workstations and crippling email and other internet-based communications. The only service to be…

Ransomware attack on TrialWorks is one of 13 on MSPs and cloud-service providers in 2019

Law firms using case management software from TrialWorks found themselves unable to access their legal documents after the third-party service provider was hit with a ransomware attack earlier this month. The Coral Gables, Florida-based company, which serves roughly 2,500 clients, was attacked back on Oct. 13, but reports of the incident only began to surface…

Next post in Ransomware