Ransomware News, Articles and Updates

Mailmen and Mole-men: Spammers impersonated USPS, delivered Mole ransomware in evolving campaign

A malicious spam campaign found impersonating the U.S. Postal Service and delivering an apparent Cryptomix ransomware variant called Mole has already changed its tactics multiple times since its discovery earlier this month.

Paid in the USA: Americans more likely to pony up when infected with ransomware

The U.S. suffered 34 percent of global ransomware infections last year - and it's no wonder why, with 64 percent of Americans willing to pay to retrieve their encrypted files, compared to 34 percent of victims worldwide, according to Symantec.

City of Newark reportedly hit in ransomware attack

A ransomware attack has hit some municipal computers in New Jersey's most populous city, Newark, TAPInto Newark reported on Monday, citing the city's CIO Seth Wainer and a document obtained by the media outlet.

Locky ransomware is back, this time via Necurs

After fading from the spotlight, the notorious Locky ransomware is again flooding into email inboxes owing to new campaigns spread via the Necurs botnet.

Asian Interpol operation finds nearly 9,000 CnC servers

Investigators from seven Southeast Asian nations collaborated on a joint Interpol operation that identified approximately 8,800 C2 servers in eight countries and nearly 270 compromised websites, including government portals.

Australian businesses hit with email scam

An elaborate email scam is unfolding in Australia that is infecting computers with malware.

Femme fatale: Karmen ransomware seduces novice cybercriminals with affordability, ease of use

A Russian-speaking cybercriminal was discovered last March selling a new ransomware program named Karmen on the dark web, although infections could date back as early as December 2016 in the U.S. and Germany.

Attackers Strut Their Stuff, exploiting Apache Struts 2 framework to serve ransomware

Bad actors have been leveraging a disclosed remote code execution exploit in Apache Struts 2 to launch an evolving array of malicious campaigns, including Cerber ransomware attacks, against machines that still use unpatched versions of the software.

No More Ransom gets major boost with new members, new decryption tools

No More Ransom, conceived as a European resource, is adding new partners and new decryption tools in a boost to its now global anti-ransomware campaign.

Android ransomware variant hoodwinks AV software by waiting 4 hours before striking

A newly discovered variant of the Android ransomware PornDroid eludes all antivirus programs by waiting four hours before executing its malicious activity as well as by employing heavy amounts of obfuscation.

World Backup Day 2017: even with backups, users still lose data

According to new research from Kroll Ontrack, simply having a backup solution won't prevent users from losing data.

Fourfold increase in spam in 2016, IBM X-Force report

Largely owing to the breach of Yahoo, 2016 proved to be the year when the term mega-breach reached a pinnacle, according to the just-released "IBM X-Force Threat Intelligence Index 2017."

Cerber learns to dodge machine learning

Trend Micro researchers have spotted Cerber using a new trick to evade machine learning, making it harder to detect.

Apple patches bugs, reportedly reconfigures iOS to stifle pop-up scam

Apple on Monday released security updates for multiple products, and in the process also reconfigured iOS to address a pop-up issue that scammers were abusing to lock users out of their Safari mobile browsers in an attempt to extort money.

Dutch parliament hit with ransomware attack

The lower house of the Dutch parliament, the Tweede Kamer, was hit with a ransomware attack that managed to encrypt some files before being stopped.

Cybercrime bills advance in two states

Legislation aimed at countering cybercrime, including ransomware, is advancing toward the governor's desk in both Indiana and Texas.

Microsoft: Malicious NSIS installers used to disperse ransomware evolve and grow in number

Ransomware distributors are evolving their technique for using NSIS installers to package and execute malicious software such as Cerber and Locky, according to a new report from Microsoft.

PetrWrap ransomware found, attacks and locks up entire organizations

A previously unknown ransomware family called PetrWrap has been discovered that is specifically designed to attack large organizations and is capable of spreading to their endpoints and servers.

Malware found pre-installed on some Android devices

More than three dozen Android devices have been found to contain 21 different types of malware, including Loki, that came pre-installed on the phone's read-only memory (ROM).

Florida man arrested for allegedly holding website hostage

A Florida man was arrested after allegedly shutting down a San Diego software company's website and holding it for ransom.

Nearly two-thirds of polled organizations hit by ransomware, CyberEdge report

Sixty-one percent of organizations polled in a survey from CyberEdge Group responded that they'd been hit by a ransomware demand, and a third of those paid the ransom demand.

Encryption Key-stone state: Pennsylvania Senate Democratic Caucus struck by ransomware

The Pennsylvania Senate Democratic Caucus has been attacked by ransomware, locking officials with the state organization out of their computers and rendering the group's website unavailable since Friday.

CryptoLocker bursts onto scene again, targeting Europe and U.S.

Researchers have spotted a sudden resurgence of the Windows-based ransomware CryptoLocker early this year, specifically identifying clusters of attacks targeting Italy, Dutch-speaking victims, and even the U.S.

Mobile malware attacks hit new heights in 2016: Kaspersky Labs

The number of malicious installation packages found striking mobile devices more than tripled in 2016, resulting in almost 40 million attacks by mobile malware during the year, according to Kaspersky Labs.

Apple issues patch for Logic Pro X; new crypto-ransomware detected

Apple released a security update on Tuesday to patch a flaw in Logic Pro X, the company's software for audio professionals.