Ransomware News, Articles and Updates

Allied Physicians hit with SamSam ransomware

Allied Physicians of Michiana, Mich., reported it was hit with a SamSam ransomware attack, but was able to quickly restore its systems and the healthcare facility does not believe any patient data was compromised.

SynAck ransomware implements Doppelgänging evasion technique

SynAck targeted ransomware was seen in the wild using the Doppelgänging technique, which was first presented as a proof of concept in December 2017.

WannaCry dominated 2017 ransomware landscape: report

The volume of ransomware attacks in 2017 increased dramatically, but almost all of this growth was due to the appearance of WannaCry, a new report states.

BLACKHEART ransomware uses legit AnyDesk tool as an unwitting accomplice

A newly discovered ransomware program drops its malicious payload alongside the perfectly legitimate AnyDesk remote desktop tool, possibly as a means to evade detection, according to researchers.

SamSam ransomware designed to inundate targeted networks with thousands of copies of itself

The ongoing SamSam ransomware campaign responsible for recently infecting the city of Atlanta, the Colorado Department of Transportation and an array of health care organizations represents an emerging operational model for malicious cryptors, according to researchers at Sophos.

HPE iLO 4 remote management interfaces targeted with ransomware

Threat actors are targeting internet-accessible HPE Integrated Lights-Out 4 (HPE iLO 4) remote management interfaces with ransomware or a decoy wiper.

Ransomware exposes records of 85,000 Center for Orthopaedic Specialists patients

California's Center for Orthopaedic Specialists (COS) last week disclosed that its three facilities were affected by a ransomware attack on a third-party system that allowed adversaries to access patient data and encrypt it for the purposes of extortion.

Separate ransomware attacks hit Ukraine and Canada

Two widely separated ransomware attacks against the Ukrainian energy ministry and the provincial government of Canada's Prince Edward Island (PEI) have knocked each agency's primary website offline.

Ransomware has generated about $4.6 million in bitcoin for its distributors

Two Italian researchers from the University of Padua have compiled an estimate of how much money, in bitcoin, has been generated by the various types of ransomware used by cybercriminals.

Microsoft worker pleads not guilty in ransomware case

A Florida man faces federal charges related to the Reveton ransomware scam that prosecutors say he helped operate prior to his hiring at Microsoft.

Atlanta, Colorado DOT ransomware mitigation costing millions

The tab the city of Atlanta and the Colorado Department of Transportation are paying to clean up from their respective ransomware attacks has climbed into the millions.

URL file attacks spread Quant Loader

A recent spate of attacks using phishing, social engineering, exploits, and obfuscation is spreading a Quant Loader trojan capable of distributing ransomware and password stealers.

Verizon report: Ransomware runs rampant, responsible for 39% of malware-caused breaches

Ransomware was the most commonly detected malware in data breaches and related security incidents last year, climbing from fourth overall in 2016 and all the way from the 22nd spot five years ago, according to Verizon's just-released 2018 Data Breach Investigations Report.

PUBG ransomware supplies its own decrypt key

If a victim is not in the mood to play the game PlayerUnknown's Battlegrounds in order to restore encrypted files, the ransomware creators also supply a decryptor code in the ransom note, the MalwareHunterTeam said.

Cryptocurrency mining malware usage continues climbing

It should come as no surprise to anyone in the cybersecurity industry that cryptocurrency mining is increasing at an incredible rate, but the rate of increase might come as a surprise.

Hit them where it hurts...critical infrastructure

Critical infrastructure is being targeted by cybercriminals looking to wreak havoc, whether working alone or in concert with nation-states.

Microsoft adds ransomware protection, recovery tools to Office 365

Microsoft has rolled out a series of new tools to protect its Office 365 Home and 365 Personal customers from a variety of cyberthreats, including ransomware.

Cryptomix ransomware receives face lift

The malicious actors behind Cryptomix ransomware have pushed out a new variant, with the primary change being the inclusion of a new extension and minor alterations to the contact info and ransom note.

Phishing or Ransomware? Experts dispute which is biggest cyber-threat

Cyber-security executives and business decision makers question whether phishing emails or ransomware attacks are the most potent threats faced, but are businesses equipped to implement all-round risk mitigation strategies?

ICLoader PUA downloader adds malware to its list of deliverable products

A campaign pushing the potentially unwanted app downloader ICLoader was found also to be dropping malware in addition to its traditional advertising and useless software.

Davidson County (N.C.) back online following a ransomware attack

Davidson County's computer network is once again fully operational one month after getting hit with a ransomware attack that affected the majority of the municipality's servers and computers.

Proof-of-concept ransomware attack transforms robots into extortionists

Researchers from IOActive have developed a proof-of-concept attack that turns ordinarily benevolent robots into malicious, money-grubbing automatons who demand bitcoin as a ransom payment.

GandCrab creators tweak ransomware, release v. 2.0

The developers behind GandCrab have followed up on their promise and released version 2.0 of the ransomware, one that cannot be defeated by the free GandCrab 1.0 decryptor created by Bitdefender.

If ransom paid in Bitcoin Cash don't expect to get files back

A new ransomware attack called Thanatos, which demands payment in Bitcoin Cash, contains a decryption bug that makes it impossible for attack victims to recover stolen files, reports security researcher MalwareHunterTeam.