Ransomware News, Articles and Updates

Loss from cybercrime exceeded $1.3B in 2016, FBI report

The financial loss from cybercrime in the U.S. exceeded $1.3 billion in 2016, a rise of 24 percent, according to a new report issued by the Federal Bureau of Investigation's Internet Crime Complaint Center (IC3).

Ad blockers help prevent ransomware, says Graham Cluley

If colleges struck last week with ransomware attacks had ad blockers on their systems, they likely could have avoided trouble, according to a post from security researcher Graham Cluley.

WannaCry hits Australian traffic cameras due to human error

After recently wreaking havoc on a Japanese Honda plant, WannaCry made its way across the ocean to Australian traffic cameras.

AdGholas malvertisers experiment with ransomware, delivered through Astrum EK

The AdGholas malvertising group conducted a new campaign in May and June 2017 using the Astrum EK to infect victims with Mole ransomware - an unusual change-up for these adversaries, who historically have favored banking trojans.

NSA, British security officials: North Korea behind global WannaCry ransomware attacks

The US National Security Agency reportedly believes with 'moderate confidence' that North Korea was behind last month's WannaCry ransomware attacks.

Latvian man indicted for scareware

The malware made use of the Minneapolis Star Tribune's website and led to millions of dollars in damages.

Shared Services Canada shielded government from WannaCry's wrath

Canadian federal agencies withstood the May WannaCry ransomware campaign, thanks in no small part to Shared Services Canada, the Canadian government's IT services provider, according to John Glowacki Jr., COO of SSC.

80% of security leaders expect a cyberattack to hit their enterprise, ISACA survey

IT security leaders are facing a perfect storm of challenges, a new study from ISACA found.

Adversaries leveraging chat platforms as C&C infrastructure, warns report

Hackers are abusing third-party chat platforms by incorporating them into their malicious C&C infrastructure and then using their functionality to communicate data and even download malware, according to a new Trend Micro report.

Jaff ransomware server also hosting Dark Web PII fencing operation

WannaCry ransomware stole most of the headlines in May, but researchers have noted that Jaff ransomware, which was wreaking havoc at the same time, is being operated from the same server as a large Dark Web department store.

Carnegie Mellon releases ransomware best practices

Carnegie Mellon's Software Engineering Institute released a set of Best Practices for ransomware prevention and response.

XData ransomware decryptor tool released

ESET has created and released a decryption key for AESNI, or XData, ransomware variants.

Stolen DMA Locker variant exploits Remote Desktop

Malwarebytes researchers spot a stolen version of the DMA Locker ransomware exploiting users via weakly protected Remote Desktop.

WannaCry's silver lining: Greater public awareness for ransomware

Whether it was the catchy nickname, the fact the malware's first impact disrupted hospital operations or that the main stream media latched onto the subject, WannaCry opened the public's eyes to the world of ransomware.

WannaCry patches mistakenly knock Aussie hospitals offline

In a case of no good deed goes unpunished, five Australian hospitals accidently locked out staff access to the computer systems after installing patches designed to protect them from WannaCry ransomware.

Leaked NSA hacking tools prove to be eternally annoying

With the public outcry WanaCrypt0r waning, a new cybercriminal group has rolled out a new attack profile utilizing seven other tools designed by the NSA and released by WikiLeaks.

Forgotten Conficker worm resurfaces to infect systems with WannaCry

Conficker malware dating back to 2008 was leveraged by ransomware masterminds to help infect machines with WannaCry.

Victory Cry? Decryptors solve WannaCry, but only under key conditions

French security researchers have released a pair of decryption tools for WanaCrypt0r ransomware that can salvage infected victims' files under specific circumstances.

WannaCry code prompts North Korean APT theories, but attribution remains iffy

Analysis of the WanaCrypt0r 2.0 ransomware that bedeviled enterprise across the globe this past weekend has reportedly turned up potential links to the alleged North Korean hacking institution known as the Lazarus Group.