A Trojan-Ransom program has been detected in the wild. As a matter of fact, the threat was first discovered in 2011, but has been recently revived. It is dubbed Trojan/Win32.Rector.a[Ransom] and allows attackers to steal important information from the attacked…
Vicious ransomware now uses fraud click as means of distribution. Another Day, Another Exploit After the Zero-day Flash exploit, the ransomware infection CryptoWall keeps finding new methods of spreading to systems. Now if your device has been hijacked by the…
An “ABOUT FILES!” (*.txt) ransom message has been detected in the wild. If the file is located in all directories on a system and an error_ is added to files with various extensions, then the PC have been attacked by…
The RSA-2048 encryption key typical for Cryptowall 3.0 has been reported to strike users’ computers and display a ransomware message. Thus, the threat is also dubbed Ransomware RSA-2048 or may be referred as RSA-2048 virus. Once activated, the encryption key…
Researchers from Dell SecureWorks Counter Threat UnitSM have uncovered a swift spike of infected user ‘s PCs by Cryptowall resume-based ransomware via concentrated as well as spam emails. The report includes information about an estimate of around 625,000 systems infected…
Security researchers at Checkpoint have recently discovered a new ransom threat dubbed Troldesh. It is also known as Encoder.858 and Shade, and is a Trojan and crypto-ransomware variant. It has been created in Russia and has already affected numerous users…
Locker or as users refer to it – Locker Virus – is classified as a ransomware that encrypts crucial files via the RSA-2048 encryption algorithm. Once the files are encrypted, they will not be accessible until a unique key is…
ai88 ransomware has recently been detected in the wild to attack users, encrypt important files and ask for payment in exchange for file decryption. Affected users are typically displayed a ransom message containing information about encrypted data, deadline and amount…
F-Secure’s researchers have reported that their customers in Italy and Spain have been victims of spam e-mail campaigns initiated to spread ransomware. The spam was disguised as e-mails sent by a courier service convincing the user that a parcel had…
What Is Ransom:Win32/Threatfin? Ransom:Win32/Threatfin is classified as a ransomware that is usually installed via other malware through a backdoor. Ransom:Win32/Threatfin displays a full-screen message that blocks the desktop and makes it inaccessible. Certain files may also be encrypted. The displayed…
Bit Cryptor also dubbed BitCryptor is classified as a ransomware considered to be from the CryptoGraphic Locker family. It encrypts the user’s files via the AES-256 encryption algorithm. As a result, a ransom message is displayed on the user’s computer.…
Cryptobot is a piece of ransomware that has the same functionality as many other file encrypting threats. Once activated, Cryptobot encrypts valuable information on the affected machine and demands payment in order to decrypt it. Cryptobot has a Trojan component…
Los Pollos Hermanos Crypto Virus is a ransomware from the family of the infamous CryptoLocker. Los Pollos Hermanos is currently spreading in Australia and possibly other countries. The malicious threat functions as a typical ransomware, encrypting the user’s files and…
Alpha Crypt is a recently released piece of ransomware that is a variation of the TeslaCrypt ransomware. As other threat from the same nature, Alpha Crypt encrypts certain types of files on the compromised machine and demands a payment in…
Ransom:MSIL/Vaultlock.A is a .NET-based threat that can be downloaded on your computer by other malware. Ransom:MSIL/Vaultlock.A is installed as coinvault.exe and upon installation modifies the registries so it would be launched at every system start. The threat is also detected…
Kriptovor is ransomware and infostealer at the same time: it steals information from your system and encrypts your files in order to demand a ransom in exchange for a decryption key. The Nature of Kriptovor The word “kriptovor” derives from…
A new ransomware has been discovered by security experts. The ransomware is dubbed CrypVault and there are some differences in the way it functions compared to other ransomware. The threat also goes by the name BAT_CRYPVAULT.A. Users should not be…
Ransom:HTML/Crowti.A is a ransomware from the Ransom:win32/Crowti family. Once activated, the threat will encrypt certain files on the system and will demand a fee in order to decrypt them. Security experts from Microsoft recommend not paying the ransom. Paying is…
Ransom:Win32/Isda is a ransomware infection that once activated, blocks the access to certain files on the affected machine and demands payment to restore them. Malware experts with Microsoft advise against paying the ransom because there is no guarantee the user…
Another ransomware attack has been detected to invade the systems of Danish chiropractors. The ransomware is dubbed Pacman and spreads via email. The corrupted messages contain a link to Dropbox where Pacman is hidden. Researchers believe the malicious software’s author…
